stad.yalla-shoots.io Open in urlscan Pro
2606:4700:3033::ac43:8fcc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yalla-shoot.io/
Effective URL:
https://stad.yalla-shoots.io/go/
Submission: On October 05 via api (October 5th 2023, 8:05:55 pm UTC) from NL — Scanned from NL

Summary HTTP 140 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 24 domains to perform 140 HTTP transactions. The main IP is 2606:4700:3033::ac43:8fcc, located in United States and belongs to CLOUDFLARENET, US. The main domain is stad.yalla-shoots.io.
TLS certificate: Issued by GTS CA 1P5 on October 1st 2023. Valid for: 3 months.

This is the only time stad.yalla-shoots.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3032::ac43:c9b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 19	2606:4700:303... 2606:4700:3033::ac43:8fcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
1	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.19.100.22 2.19.100.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
1	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a02:26f0:780... 2a02:26f0:780::210:a408	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:205... 2600:9000:2057:8000:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
140	38

2 2606:4700:3032::ac43:c9b5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3033::ac43:8fcc (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoots.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.100.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-22.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a408 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mcdp-nldc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8000:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	251 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	318 KB
19	yalla-shoots.io 2 redirects stad.yalla-shoots.io	228 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	48 KB
7	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 60494 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 62578	150 KB
5	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2100 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4294 odb.outbrain.com — Cisco Umbrella Rank: 2896 mcdp-nldc1.outbrain.com — Cisco Umbrella Rank: 38380	89 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	110 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	265 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	2 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 10282 flint.defybrick.com — Cisco Umbrella Rank: 9609	20 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	49 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 10850 log.outbrainimg.com — Cisco Umbrella Rank: 3073	835 B
2	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10377	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	135 KB
2	yalla-shoot.io 2 redirects yalla-shoot.io	1 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1858	63 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	5 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7392	5 KB
1	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 68138	8 KB
140	24

	Domain	Requested by
19	tpc.googlesyndication.com	d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com stad.yalla-shoots.io securepubads.g.doubleclick.net tpc.googlesyndication.com
19	stad.yalla-shoots.io	2 redirects stad.yalla-shoots.io
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com stad.yalla-shoots.io
11	securepubads.g.doubleclick.net	jscdn.greeter.me securepubads.g.doubleclick.net stad.yalla-shoots.io www.googletagservices.com
10	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com pagead2.googlesyndication.com stad.yalla-shoots.io
5	www.googletagservices.com	jscdn.greeter.me d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com securepubads.g.doubleclick.net stad.yalla-shoots.io
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	s0.2mdn.net	stad.yalla-shoots.io s0.2mdn.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	stad.yalla-shoots.io d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	securepubads.g.doubleclick.net d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com stad.yalla-shoots.io
3	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
2	flint.defybrick.com	rock.defybrick.com stad.yalla-shoots.io
2	googleads4.g.doubleclick.net	stad.yalla-shoots.io
2	csm.eu.criteo.net	ads.eu.criteo.com
2	widgets.outbrain.com	securepubads.g.doubleclick.net widgets.outbrain.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	stad.yalla-shoots.io www.googletagmanager.com
2	yalla-shoot.io	2 redirects
1	rock.defybrick.com	widgets.outbrain.com
1	mcdp-nldc1.outbrain.com	widgets.outbrain.com
1	code.createjs.com	s0.2mdn.net
1	log.outbrainimg.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	stad.yalla-shoots.io
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ads.eu.criteo.com	d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	jscdn.greeter.me	stad.yalla-shoots.io
140	39

This site contains no links.

Subject Issuer	Validity	Valid
yalla-shoots.io GTS CA 1P5	`2023-10-01` - `2023-12-30`	3 months	crt.sh
greeter.me E1	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-10-03` - `2024-01-01`	3 months	crt.sh
player.adtelligent.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-09-23` - `2023-12-22`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://stad.yalla-shoots.io/go/
Frame ID: 1D76B75D42B5418B736FF29E68C6F9DC
Requests: 50 HTTP requests in this frame

Frame: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4695825FA7DD3BEE2F4CEC5D2C1421DD
Requests: 1 HTTP requests in this frame

Frame: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 931F91F337499F332B2955FD79B3A785
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxiS_s3IATAB&v=APEucNWGo-aF7PGfB2dZjfZrPsrIF4a60Xy6Oz4eY6BLQkEvKlX3Wl6aUHtttGhPUdUqz1xmJVzuXLhOnaq6FdndylNF2h11yRyS9wsVUzMt2nPS9r04dLULxJ3d9GP356NUIc47-dRG4T-QGJd_5QcNXWLUvrxe7eVZ1zYHVsE66C7pT44bH_4
Frame ID: EDBF3DE3FAE7EE7EF50E8678A49476C3
Requests: 5 HTTP requests in this frame

Frame: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4072B0665ACA22CC91DCE18DA352A92F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 7E40F6575070B2E3E5C463AA0742D3AE
Requests: 15 HTTP requests in this frame

Frame: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A650AEEE0610ACDB1BF6D365565BC72
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR8XGwAPNIkK4CmEAAHYtUCm_7w_8mKDaRJf5w&u=%7CdHqe%2BCt5iqJAVbfjd2AakgVFGyJkwN9GMSVInx2eA6E%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZZW7YRztJ0nGFrv2w2qFM8p9ySDf7aIa5-i5i3V-0aCbb5owZxH4plLDSej38vpsuRJIt8LuhWAeKg1GOgc14FZ3FaywNhGwFRitZZowxOn_mhtT34H4ysDyPGP5m0zqKVvYU_LH0PH5WwfkLniYKd_e2BOaoLikPrD_WnZpCJZ0_0F0A6EFnSA3sg-Q0xG7t3pXIw6YrsPVAhu1cG2tfR4eHpsRo-buWC9pkM72oCWCkgetK2Jhr3N0d7gPmkMNB-Od1aXffKXkJDnuE8jMb2lXFGDITQDcKSD5smGdBmMlobEjHJFaLOvRSna5BePXN4ugQJKaO4vHQU_4PlvJ4u8Grbh30Fq3TRgMdHvIeMkZMjPEJHpXWOVIVv0KV0YizTp3AneyyhfgmjN8sjshEhmBa5oMs9gAZozcEdqRznm3INSv9zDR-vF0D0K00emUREdKJWvwL7pNEddsaE_YJGuHzG-qr2TCdjstP-2bun1UE2I_Nvcs-iYVI9y9l2wdbRLYb4tMak6S79eWJCpUWJw--zhoIYidlgIz1dzhD8WRQOqXowhgZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClpdCGxcfZYnpPITTgAe1sYeoA8me0rFcxYyL4JoBwI23ARABIABgkYSghYwYggEXY2EtcHViLTQ5MDM0NTM5NzQ3NDU1MzDIAQmpAqPKqSMRrbE-4AIAqAMByAMCqgSmAk_QbKU23nUWbPs9f62MLFSRnlwtZQWFWMWIz9fKlKZzRfVH_Wi6USStQoR7qE5eG6AFC_ujws3uNCKB456noj0OjnC8a2rtdDrKcAznuYruX-XPiGGB0tgnHDa9omE48QyS4gTOoor-g2XjzPXIkN5Li5kvF8jrDgo6doSsT7o4W6uEMWY428aKa1Hgk87do0k4tGO-6pzhHhNBVP-O7rp_cci8QfDyxtFhDGUHCCIou_qjr1rkWbfTdB7VvN5ZxrF8cOZJsiJ31yzJm0U5ddEQwGAPFtQ4dPz6C-t1jRkbrnHv0HY5bAZbsyvu0qf_vg-0Uk2rWOVaXpQpjkuTK1xUM-ldtu3SM87QjrfntI1YXjvjvtl0Bo4r7J1kVIbHKJzc4gWb-uAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OoHInJ2QgvCbVTYhaNzCM0ttQEQ%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: A8C035D815F08F70751F5FF93EF11E5F
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssla2wok3Yr6-mjmnQfhZDjA9UeQFiTGWALher6bVEo61wj2ljMCd0cx3jWXk3UuBDKoWxWzBjWtCUxZa4eCF6mLQE146IXRtmUXPuOFl8n6xP6T1eQta9ilKWq0w4gA-vgT_rFaRhNMlv-783_JTqVvOTG93bmHHO9Sy9FJ6ror_VQN5CC5r5JvkRunK1rtTQXv00s8iJknlzi9DaGMot-eeWwJsLJ_AlXa3q6_o8JR-vG1QsE0IGOFW8iOp5S9lbqLL-KlJrhoim8hp3SCPE-R9ysnQcvomPQRbn53Y2IfHB1ot5k7lvCVdxkK0q3DOKQRhTnAXqspInuBVo&sai=AMfl-YQc2HUElVn7CM_yM11XJRuq1dVyPvdlYbmq6-7OVuVoaYXKuvFw2anLrHIgZj-fI-afvz5yQEYNCkq3duApXTK26hQ6LiJ-koBBy_-FLyaHdYxyPBWR8BZPP87pVDTw1Ox8FPVl_ecOlUJefCs&sig=Cg0ArKJSzKBvqxVWGVjaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6DF8DFF2CA3D73CB5F3E9DA0785F99A3
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FEE3AC744D1BE32C654DA71B35CFD880
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F7AFC0FE3E537BCC7DD03F4A2189DF49
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC40FDEE9D8AB2E758470DDB77622341
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF5882A542BE38B7ACA125DFFF5CDDD4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 845FD8CF465515D558866850AB51739A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.html?ev=01_250
Frame ID: 1E73FA2E71DE921BE6FCA3C4EB651603
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: DBFE546459827BA150012834B4CD3C2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: 046FC7697A1DD2946EF9D5C9FAF2BA91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Page URL History Show full URLs

http://yalla-shoot.io/ HTTP 301
https://yalla-shoot.io/ HTTP 301
https://stad.yalla-shoots.io/ HTTP 301
https://stad.yalla-shoots.io/shoot/ HTTP 301
https://stad.yalla-shoots.io/go/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Page Statistics

140
Requests

96 %
HTTPS

66 %
IPv6

24
Domains

39
Subdomains

38
IPs

6
Countries

1870 kB
Transfer

4963 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yalla-shoot.io/ HTTP 301
https://yalla-shoot.io/ HTTP 301
https://stad.yalla-shoots.io/ HTTP 301
https://stad.yalla-shoots.io/shoot/ HTTP 301
https://stad.yalla-shoots.io/go/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR8XHCFYOFbuxfDvrPk-GAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMsmZonP5t9oQXXwVosoZfQ&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc4NTk5NDY0Mjc5MzY4MTgxMA%3D%3D

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

140 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stad.yalla-shoots.io/go/
Redirect Chain

http://yalla-shoot.io/
https://yalla-shoot.io/
https://stad.yalla-shoots.io/
https://stad.yalla-shoots.io/shoot/
https://stad.yalla-shoots.io/go/

71 KB
16 KB

62ms
61ms

Document
text/html

2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoots.io/go/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6e4053f9574e53f426671b068eb46d3d3c09c1f0fecb21effe1c51d48a3e96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8118480a6a4a0b3e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 20:05:47 GMT
link: <https://stad.yalla-shoots.io/wp-json/>; rel="https://api.w.org/" <https://stad.yalla-shoots.io/wp-json/wp/v2/pages/43782>; rel="alternate"; type="application/json" <https://stad.yalla-shoots.io/?p=43782>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUMem9sEQRiWbXPcvNIxQcIKlnm1bpJU21j3HEnIah%2BqqhFlRzBgoRcCIFqejAVXm7tRDtJDUFENCxYdsbLcCu6VhafiumRGhSbwZzKBzSXGcp3Yh8Pkc%2FlicdU6omngLCuVDBCi6oVnzKDaGtI%2FYrotIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8118480a09c20b3e-AMS
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 20:05:47 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://stad.yalla-shoots.io/go/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCoQIhZqHNQATfp9M7DpXb%2Bzlh%2BfFw8wq5KfloV022ik8%2BrRBIAB0h%2FK0ItvBydna61kmzWH%2FwPz3UA%2B9zhlRHoGk6yI83vjRonvg1wrvq1%2FwTpL6kiFk02Py6%2Fxuc7IRoRhLS9740Jee2GlX4X4jNeCtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS
x-redirect-by: Rank Math

GET
H2 200 logo.png
stad.yalla-shoots.io/wp-content/themes/YallaShoot1/img/ 4 KB
4 KB 36ms
35ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/themes/YallaShoot1/img/logo.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6378
etag: "61d0a554-fff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEa%2BCRwfRor%2BSeVoonKRUbZxKmTA9HA1kAKwxJ8Jo5WAC2sUvIZQFLHP%2FqRU7mVmF0%2Bd09dTThId4CQwKxXsCGUITCwxMBc0BCFjwhHVaRRoVkSS6VDKEvg1ar%2F01SErHAp7rqoxKVQBRBwmVT0ha9GdAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480acaf20b3e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4095

GET
H2 200 yalla-shoots.iohead.js Show response
jscdn.greeter.me/ 8 KB
8 KB 107ms
29ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shoots.iohead.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

9c75ed7dcac54582bde4d7cc7a157c2983ad19b687440bea4aadacca0437176d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 26 Sep 2023 13:53:03 GMT
x-amz-request-id: tx0000059e53ad0c95d5638-00651f0f90-bc9e29a7-fra1b
etag: "a79ba8eeb14b0dd8df980090821f75d3"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1696536347.dop250.am5.t,1696536347.cds279.am5.hn,1696536347.cds125.am5.c
content-type: text/javascript
cache-control: max-age=1669
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8258

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 202ms
72ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2a516627f96028b5642712a3a82f6df00004e0bbd9ce7dbab14d89c3d3d2f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 20:05:47 GMT

GET
H2 200 lazyload.js Show response
stad.yalla-shoots.io/wp-content/themes/YallaShoot1/js/ 7 KB
3 KB 34ms
34ms Script
application/javascript 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoots.io/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1043
cf-polished: origSize=7327
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
etag: W/"61d1caae-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfJf%2F%2F6KfMBfCnEYVlxMdoHtpyAzaWSw9Y0cTC52s5OTU%2FBBdBwP4Li%2FLoarjpqWrTLGl%2FyuAxo8yvTdZM%2B9yVVRKzPhQ%2BMT761VtrfiOpe4LPyeZYrFrzxZqYUYuOsO2n4vkXQAqiClGIaMOOgpYy9xbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8118480afb210b3e-AMS

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 NeoSansArabic.woff
stad.yalla-shoots.io/wp-content/themes/YallaShoot1/fonts/ 56 KB
57 KB 38ms
37ms Font
font/woff 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoots.io/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://stad.yalla-shoots.io/go/
Origin: https://stad.yalla-shoots.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4346
etag: "61d0a554-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBm9m%2B7N5mCt2zGHG%2FfcYIcAqjeVqJ0Y24a0LUY7X12RhQDEuZXTawwT4C7dIa7D4mIHMjZK4E%2F9bKHK4wCKN7matLOCj6hjsD6%2BjX%2FYT2I5XDQE4UIx7MOd4pzMdyTlPMIhZQJMwyKysCRHMMs1Nm0PDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480afb1f1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 57364

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Chicago-Fire.png
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 9 KB
10 KB 57ms
56ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/Chicago-Fire.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6ff2d576ea8fc006a73839ebb271195a1ea45576bd5b3cf5f5bfdb00b45d36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 12:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5527
etag: "65157897-2426"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMS2wK4DdNmM5sJp0RCqaMdRIP0hLefhbOXywXbBmWFYXBJHI%2FahYojIzSJBGecqkQ5pH5t3YcF9tyd6C4z2TONGFCEaSumTYVdDaRtzxTBO5EIXvoBizXbnBSmQiKmxIl0AKkOYH3hg4SY9g5bu2nrOcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b2b6d1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9254

GET
H3 200 s0YO0sK9qrioMnzJuFGKuw_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/08/ 9 KB
10 KB 81ms
79ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/08/s0YO0sK9qrioMnzJuFGKuw_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5da8cad1c90cc27b19c1c4c7f1122f8f30b9afee90e93ff33b5f84009a004dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 01:59:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5389
etag: "6117236a-24ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOPa8kwPTAA%2F%2BDK1Vis9KzoS%2B%2FEGItEwGpUMbLkWb%2FQydwIJahhC7EBuZdp3pv62HquaVP5Kz%2FMx7AVoLAQVaPn%2FpVRqlUDHPyviVih%2F2PHpSYl%2Baq5TEWH11hsEEKddgJ6KEq7nzWaVxCC4M3LG8Uvb%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b741c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9422

GET
H3 200 bXkiyIzsbDip3x2FFcUU3A_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/08/ 8 KB
9 KB 57ms
55ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/08/bXkiyIzsbDip3x2FFcUU3A_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657417a00a5ff05306956083ba5be0114389aa87fbc9a75aef1441c9f9eda1ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "6117d55d-20c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H2hcdF6Z3b33Zz0JFMFMtcqWm5Du6c9GfWhfCbjzfeBbXyw82xhfFYpnxblwPI3KwGFjb1j3XksrwINNtbTbQ0oRe06CLL03ah4jYFeY5wCdcK6bVvX6vUlYi9xhwW4NEW98wLxQysXxj6EMCmb6WxuMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b761c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8387

GET
H3 200 KfBX1kHNj26r9NxpqNaTkA_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/08/ 5 KB
6 KB 84ms
82ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/08/KfBX1kHNj26r9NxpqNaTkA_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1477a8e80169945bbcba02642cdb13f2068511fd3e258d94bbdef5ee5cff167

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:59:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2962
etag: "6117da6e-15c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlvIyDNvjxS2Ocqvfkl01CAwPzCaEn%2F%2F8CgyuUfN2kH5NpXo62cBJ1G7q2cYLQVWJV0HVyuzYzrUtq9DUCQeCQRDNqA4ZEhz8bM8wgpZOYna1VzKeETvUohHXLBwB%2BCRXPKhqoQ94fdl6b2IzTEaeRCJlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b771c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5574

GET
H3 200 EKIe0e-ZIphOcfQAwsuEEQ_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/09/ 10 KB
11 KB 84ms
82ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/09/EKIe0e-ZIphOcfQAwsuEEQ_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a4708d91cdff04ad42019f79796d44559568f58f4689b3d5490cff3e9c83e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Sep 2021 14:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "613cb99c-288d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D89sTdoGWgpVczWAKDrhPucUZcB%2FUNW63T%2FrOJoWR84IAc363aJFt%2BMC%2FA3mc8X6c5vnar52nMSXXRd7anevh8ef6hh0gtAbcGsYh5vQz64ODneZ4ejvcV1ra%2Ba611oW43Mee0HnZcH7Xg6cH5TZqrzyFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b791c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10381

GET
H3 200 0iShHhASp5q1SL4JhtwJiw_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/07/ 12 KB
12 KB 84ms
83ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/07/0iShHhASp5q1SL4JhtwJiw_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3951ee776ddd1c565f08b4784352be94d617e14f6e56bcdfd8c57b87855d89c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 03:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "60fa38f4-2e86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRicixTsTJEX%2FTPIXceWfZ682mSxAtfeOQtzXiGbbn4ABYKpju4JeWV%2Fk0q4WRdhxkAQTo3N9OsjSVeyBmMgJhBtnNZFQSx%2FzgXcj4s9AEDTW5eYn6teQV2QUsRkw5VtRRTH4NNtz9dNudvA6uLbVaKEng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b7a1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11910

GET
H3 200 Union-St.Gilloise.png
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 8 KB
9 KB 85ms
84ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/Union-St.Gilloise.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babb6be00eb0ca4a1cb59947d34b1c310be422e32420db9d17681f23c6caeafc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 13:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "65157938-21fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ3ezPSWa62G50wccQFdf1xUoltvw%2B%2Bv2RBsja8oX%2BPB2aQocclOXmvV%2BsXXIFes8XTqwDbBUf8J7iH4JLUeiGE3%2FHILkk2jel72AOC1Li52xth34Tl1pqJLHzfXXenpn%2B%2BtEwM3%2FAtEmXG%2Bp4HQTxT9sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b7b1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8700

GET
H3 200 BQdP4jUBFJfG7U_JBsFIMg_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/08/ 5 KB
6 KB 87ms
85ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/08/BQdP4jUBFJfG7U_JBsFIMg_96x96.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfdc97b4cb6d41df37a2ea5884ad93ffdc942e1a923c3cfa2679c36148da631c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 02:57:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "61173116-150e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKYQzVQfFrhTP3Yxa8Ho5t42mRZbI2%2Fjy22l8rgakEXFH%2FaNIkqoDN8WqLO4OJuJEhN2OJkhHGHx0p4SWPySL%2F3A%2BfpwL%2FqcsV0dZI7QdDVTH3%2FfPb954V4jtx5Gc3i1B5otvlWQB1BJhz6%2Bo5OHNPDgAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b7d1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5390

GET
H3 200 Servette.png
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 3 KB
4 KB 87ms
86ms Image
image/png 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/Servette.png
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f88a0f9aec3b4424867bf2af633e9a2f6888464367958b8b01673d13e9eb1ff4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 13:02:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5569
etag: "65157980-c36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGulK3vYwYyWholIsPTC9sME6o07Z15NgMC%2Bn2o9NtCtvz8oyIeEyJoy7B59PyaATZyWQNClZRozzh%2FV%2FXf1YWl3j0Z%2BiJytXVO6gEegfN1zmch9KQse8byDGhOslhmTaAn8Tv9sCO%2BGvayUBNWPf1F8%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b7e1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3126

GET
H3 200 images-2023-09-04T070154.723-300x200.jpeg
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 19 KB
19 KB 87ms
86ms Image
image/jpeg 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/images-2023-09-04T070154.723-300x200.jpeg
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c1ec09b5bbb87d55d2caa54355a52c21654f73c291b7b5545825b9ee76f805

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 04:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5279
etag: "64f556bd-4afb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Kn3wuecMNY1mJIXc835%2BXHdTaF%2BJr1dKGCw4Z8aA04GGCGmwShVofcFIVZ3bJqX9nlMSvkg8CyelUsmgMcyh4V7RW6fGrcs4UirKsx0kWlmlo27ahNIlgfXdyYl00i11nAvjroDO8LMJK4RCUK2cksZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b7f1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19195

GET
H3 200 images-2023-08-27T062821.411-300x199.jpeg
stad.yalla-shoots.io/wp-content/uploads/2023/08/ 25 KB
25 KB 105ms
104ms Image
image/jpeg 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/08/images-2023-08-27T062821.411-300x199.jpeg
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8685f9a8a107e1d7dedb79bcaa538e619c2f34200968743a9bd583407fe9aea0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Aug 2023 03:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5222
etag: "64eac2e7-6238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BV4%2B22DoFCwUQl%2BFzsrhT6egwzojhcGfaTYeA%2BJBUWvQhBdQX8JC7JQx2pXjpauoeaqFGymboIkHwFHdJYK%2FXAAjFWf9q6yJZFfTBXnfJOzJET%2FimmoIH8%2BST2WV8v3UEepSyFGTnqHgCquVXGIdRQcqyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b811c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25144

GET
H3 200 dreamstime_s_243466086.jpg-4-300x200.webp
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 12 KB
13 KB 108ms
106ms Image
image/webp 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/dreamstime_s_243466086.jpg-4-300x200.webp
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcab776c641ec8bf9187c7c9cb1fad4cadc4c0759b2777c77b568c45644f9d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 21:17:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6023
etag: "64f10373-3160"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L85y0LQKCnlH%2FSOBzCXFtClXHJj5Ck1wjcRYuoUWnODJQ67DIbJPckr7yTmy55Ygpm7IsK%2Bud%2B%2F5hW3PBnCuoYB%2B0oG6fNtMbPBQgIbECBG9TsCMsDHXL3bgeeBNtOzon1sFOFUrC4PBEtc1mHhDdV9ERw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b821c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12640

GET
H3 200 20230614_012457-300x200.jpg
stad.yalla-shoots.io/wp-content/uploads/2023/09/ 15 KB
16 KB 109ms
108ms Image
image/jpeg 2606:4700:3033::ac43:8fcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/09/20230614_012457-300x200.jpg
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba08e170de5661ef26ff0c9ed9337c39cd2980feafab26809424ffc37e858aa8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/go/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Sep 2023 14:58:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5219
etag: "6507142e-3cd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbqGOuFQRu%2BTp5S8BGNIAionNOhmSyxOkWmoyk5m2U6fohOP%2FbWcDHLE79JHzzJhTDSUm%2BKXq%2B8ZEMDkTwKOVEdbmhyJKt8xam6KvFGXs%2F3eZwKFHmhBZ9aE7pkmLJDRs0AYVzY5Q5MPHP8YJ7kNI4JRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8118480b3b831c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15575

GET
H2 200 hb_751017_18384.js Show response
player.aplhb.adipolo.com/prebidlink/1406925346303/ 922 B
777 B 218ms
119ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/1406925346303/hb_751017_18384.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.iohead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d88a0078976bfdb8d7fba9098d13b7ae41670bd8e3db8389365c4cc2e272afa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 12:29:46 GMT
server: nginx
etag: W/"651eac3a-39a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 05 Oct 2023 21:05:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 207ms
116ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.iohead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f294074864a2eb59c242f19602195ec74909535f4a6d67e23db0dc481ad9c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29639
x-xss-protection: 0
server: cafe
etag: 297 / 19635 / m202310020101 / config-hash: 4782658329373718188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:47 GMT

GET
H2 200 wrapper_hb_751017_18384.js Show response
player.aplhb.adipolo.com/prebidlink/1406925346303/ 2 KB
1 KB 209ms
111ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/1406925346303/wrapper_hb_751017_18384.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.iohead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5f28898134b021cfabd2843e6ca31788802f7b18bf82c22c7088b2f41c0e7ae8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 12:29:46 GMT
server: nginx
etag: W/"651eac3a-86d"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 05 Oct 2023 21:05:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
29 KB 205ms
132ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.iohead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e963ec71c82212a9764cd33789d92d2a5a411b71be60b39000a8a3826a8515f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29637
x-xss-protection: 0
server: cafe
etag: 633 / 19635 / 31078562 / config-hash: 4782658329373718188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 70ms
67ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a153ed8cf2a7eaf75b6979bca9f236eebf4e4754924755fada2c8569baf0f3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 20:05:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 185ms
58ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 854
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 21:51:33 GMT

GET
H2 200 hbw_master_751017_18384.js Show response
player.aplhb.adipolo.com/prebidlink/xO_41/ 121 KB
39 KB 37ms
35ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/xO_41/hbw_master_751017_18384.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/1406925346303/wrapper_hb_751017_18384.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a4361f33a3a089c65dd3e5a264fd052d85ae097e28b9d3c497c5f6da9aab2676

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 12:29:46 GMT
server: nginx
etag: W/"651eac3a-1e474"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 05 Oct 2023 21:05:47 GMT

GET
H2 200 hbp_master_751017_18384.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 338 KB
108 KB 66ms
66ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751017_18384.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/1406925346303/hb_751017_18384.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 02d98c9c4e9b2ab0f334f76dd7e9c06c61b0a488f2b6b37a24c5f75d134d94df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: gzip
last-modified: Sun, 01 Oct 2023 10:28:27 GMT
server: nginx
etag: W/"651949cb-5492a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 05 Oct 2023 21:05:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 421 KB
132 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32031
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135332
x-xss-protection: 0
server: cafe
etag: 13275702515393991500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 11:11:56 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 154 B
430 B 164ms
30ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/xO_41/hbw_master_751017_18384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ff6cd029a787285d3bb16e2578fe5c26563da4599129d6f2502da8d310d136b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 20:05:47 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://stad.yalla-shoots.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 154

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
439 B 164ms
31ms XHR
image/gif 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=751017&site_id=18384&full_page_url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&adid=dlxrus.ib&features=81952&vpbv=N177&tte=296&lifecycle_tte=859
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/xO_41/hbw_master_751017_18384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 20:05:47 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://stad.yalla-shoots.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 101ms
25ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751017_18384.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 697ed151aeae8243ad108b06def90595a8c88d6567e48aaa80212c8fc661b9cd

Request headers

Referer: https://stad.yalla-shoots.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

expires: Fri, 06 Oct 2023 20:05:47 GMT
date: Thu, 05 Oct 2023 20:05:47 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 12:01:19 GMT
server: nginx
etag: W/"651d540f-2ac0"
content-type: application/json
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: max-age=86400
x-proxy-cache: HIT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 92ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y3HW36EKK&gtm=45je3a20&_p=1738509769&cid=877716474.1696536348&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696536347&sct=1&seg=0&dl=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 181 KB
50 KB 508ms
507ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316601628951147&correlator=4246260944591722&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=7047%3A22689168218%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=64332592&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536347913&lmt=1696529147&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=877716474.1696536348&ga_sid=1696536348&ga_hid=1738509769&ga_fc=true&dlt=1696536347310&idt=550&adks=1920405347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dea34b5630d50938879558feb2ecd3680972452de6fae7aa3ab9352ce132c280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51504
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
17 KB 418ms
418ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316601628951147&correlator=3796824334279884&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=7047%3A22689168218%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&didk=3906832359&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536347924&lmt=1696529147&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=877716474.1696536348&ga_sid=1696536348&ga_hid=1738509769&ga_fc=true&dlt=1696536347310&idt=550&adks=3768416471&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6fffb8c4e4c1156bda92f86cb80d6de777461ff75366d805f91d4d0140ba5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16901
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4695 6 KB
3 KB 221ms
72ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Fri, 04 Oct 2024 20:05:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 37 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13142
x-xss-protection: 0
server: cafe
etag: 17226072091034798249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 11:43:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
14 KB 488ms
488ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316601628951147&correlator=2903161880440647&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=7047%3A22689168218%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=3&didk=2675907388&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536347959&lmt=1696529147&adxs=650&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&vis=1&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=877716474.1696536348&ga_sid=1696536348&ga_hid=1738509769&ga_fc=true&dlt=1696536347310&idt=550&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=3344660977&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e9c49c54f308e7242fbd47d377f93b7c77067be0a48ac966da8120287627cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14673
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoots.io
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 296ms
296ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316601628951147&correlator=4401402304338286&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=7047%3A22689168218%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100&ifi=4&didk=2675907386&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536347962&lmt=1696529147&adxs=640&adys=168&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&vis=1&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=877716474.1696536348&ga_sid=1696536348&ga_hid=1738509769&ga_fc=true&dlt=1696536347310&idt=550&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2356448292&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5deb17ab9437b32fae5343c4dd0e2398ee0cc6f7fe229160dcf02e46f501f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10091
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 490ms
488ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316601628951147&correlator=1115938097589102&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=7047%3A22689168218%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=5&didk=2675907384&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536347964&lmt=1696529147&adxs=740&adys=958&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&vis=1&psz=1000x0&msz=1000x0&fws=4&ohw=1000&ga_vid=877716474.1696536348&ga_sid=1696536348&ga_hid=1738509769&ga_fc=true&dlt=1696536347310&idt=550&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2399985986&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78720bec4318a4c64ba4820cf661f1be4744fd6aadb2dacf751affc16a86b88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0
google-lineitem-id: 5850403633
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374456614
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 66ms
65ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1738509769&t=pageview&_s=1&dl=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1822243278&gjid=1309954199&cid=877716474.1696536348&tid=UA-107335079-1&_gid=1842275057.1696536348&_r=1&gtm=457e3a20&jsscut=1&z=1852248345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stad.yalla-shoots.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoots.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 255ms
114ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

695ba20729ab405962de046a39ad732c82675c58fadd8ceaba47a85378041441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12081
x-xss-protection: 0

GET
H2 200 container.html Show response
d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 931F 6 KB
3 KB 62ms
62ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Fri, 04 Oct 2024 20:05:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EDBF 624 B
827 B 220ms
104ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxiS_s3IATAB&v=APEucNWGo-aF7PGfB2dZjfZrPsrIF4a60Xy6Oz4eY6BLQkEvKlX3Wl6aUHtttGhPUdUqz1xmJVzuXLhOnaq6FdndylNF2h11yRyS9wsVUzMt2nPS9r04dLULxJ3d9GP356NUIc47-dRG4T-QGJd_5QcNXWLUvrxe7eVZ1zYHVsE66C7pT44bH_4

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Thu, 05 Oct 2023 20:05:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 931F 89 KB
31 KB 251ms
142ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 931F 42 B
110 B 246ms
137ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv-krksz5Ydu-EyPCFIPkOucmwC7wOGdRZO57ewmrvFja1p3pNZZTgktcpLceGYx_R7Z1_sWR0SmrJVHIeJ1vafkM_8LStQfuSm-zu7sEVcS_9XLU

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 931F 0
349 B 244ms
134ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13069682230842757302&x=1&ct=76

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 931F 3 KB
1 KB 288ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 931F 20 KB
9 KB 287ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 931F 187 KB
59 KB 75ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 container.html Show response
d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4072 6 KB
3 KB 74ms
63ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Fri, 04 Oct 2024 20:05:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 7E40 223 KB
62 KB 149ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 09:05:22 GMT
age: 212426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 09:05:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 7E40 15 KB
5 KB 214ms
101ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:44:02 GMT
age: 26506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:44:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 7E40 94 KB
28 KB 223ms
110ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:07:53 GMT
age: 35875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:07:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 7E40 5 KB
2 KB 222ms
109ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 15:20:34 GMT
age: 17114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 15:20:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 7E40 40 KB
13 KB 232ms
120ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 07:07:22 GMT
age: 46706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 07:07:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7E40 14 KB
2 KB 171ms
59ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 19:02:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E40 3 KB
3 KB 146ms
37ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:42:31 GMT
x-content-type-options: nosniff
server: cafe
age: 69797
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Fri, 06 Oct 2023 00:42:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7E40 344 B
449 B 196ms
87ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 47247
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 06 Oct 2023 06:58:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18435693683260984021/ Frame 7E40 38 KB
38 KB 162ms
55ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18435693683260984021/14763004658117789537?w=600&h=314

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fad41dde5d9fc1a33e0fce83497cbe0601b1c7fbc152e3a877400115f66c1ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:33:22 GMT
x-content-type-options: nosniff
age: 88346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38854
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 06:11:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 19:33:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1058049896928395886/ Frame 7E40 4 KB
4 KB 190ms
84ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1058049896928395886/14763004658117789537?w=100&h=100

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f19d54f4ddc466c0a39b4ec70c7bb7b591ad8a549851bee87dc8ffc64f76a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:45:19 GMT
x-content-type-options: nosniff
age: 26429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4240
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 06:11:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 12:45:19 GMT

GET
DATA 200
OK truncated
/ Frame 7E40 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43f6ac80b45416e09bc25de9b46d5b9893c8d7104cae720a37037e60744f3272

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A65 6 KB
3 KB 70ms
67ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Fri, 04 Oct 2024 20:05:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A8C0 146 KB
48 KB 253ms
139ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR8XGwAPNIkK4CmEAAHYtUCm_7w_8mKDaRJf5w&u=%7CdHqe%2BCt5iqJAVbfjd2AakgVFGyJkwN9GMSVInx2eA6E%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZZW7YRztJ0nGFrv2w2qFM8p9ySDf7aIa5-i5i3V-0aCbb5owZxH4plLDSej38vpsuRJIt8LuhWAeKg1GOgc14FZ3FaywNhGwFRitZZowxOn_mhtT34H4ysDyPGP5m0zqKVvYU_LH0PH5WwfkLniYKd_e2BOaoLikPrD_WnZpCJZ0_0F0A6EFnSA3sg-Q0xG7t3pXIw6YrsPVAhu1cG2tfR4eHpsRo-buWC9pkM72oCWCkgetK2Jhr3N0d7gPmkMNB-Od1aXffKXkJDnuE8jMb2lXFGDITQDcKSD5smGdBmMlobEjHJFaLOvRSna5BePXN4ugQJKaO4vHQU_4PlvJ4u8Grbh30Fq3TRgMdHvIeMkZMjPEJHpXWOVIVv0KV0YizTp3AneyyhfgmjN8sjshEhmBa5oMs9gAZozcEdqRznm3INSv9zDR-vF0D0K00emUREdKJWvwL7pNEddsaE_YJGuHzG-qr2TCdjstP-2bun1UE2I_Nvcs-iYVI9y9l2wdbRLYb4tMak6S79eWJCpUWJw--zhoIYidlgIz1dzhD8WRQOqXowhgZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClpdCGxcfZYnpPITTgAe1sYeoA8me0rFcxYyL4JoBwI23ARABIABgkYSghYwYggEXY2EtcHViLTQ5MDM0NTM5NzQ3NDU1MzDIAQmpAqPKqSMRrbE-4AIAqAMByAMCqgSmAk_QbKU23nUWbPs9f62MLFSRnlwtZQWFWMWIz9fKlKZzRfVH_Wi6USStQoR7qE5eG6AFC_ujws3uNCKB456noj0OjnC8a2rtdDrKcAznuYruX-XPiGGB0tgnHDa9omE48QyS4gTOoor-g2XjzPXIkN5Li5kvF8jrDgo6doSsT7o4W6uEMWY428aKa1Hgk87do0k4tGO-6pzhHhNBVP-O7rp_cci8QfDyxtFhDGUHCCIou_qjr1rkWbfTdB7VvN5ZxrF8cOZJsiJ31yzJm0U5ddEQwGAPFtQ4dPz6C-t1jRkbrnHv0HY5bAZbsyvu0qf_vg-0Uk2rWOVaXpQpjkuTK1xUM-ldtu3SM87QjrfntI1YXjvjvtl0Bo4r7J1kVIbHKJzc4gWb-uAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OoHInJ2QgvCbVTYhaNzCM0ttQEQ%26client%3Dca-pub-4903453974745530%26adurl%3D

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b3636c3935521cdc3fef66c56f5e90dd7b3be758d426c040882cb0deb0c140b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=URmY1OCJ7FojNVl5R0sAWg9YQUjqKy5gCENBG78o1OyR6q6Hi8tGsqHwZOa75ZkVo2eXRtsI0Grodo5de5ZtSmRkBukzAbdRh0OvumswUIjvQgNpvySMMnaxBsQeYW9E9Y89y0t9Yi09HRz5BUGWwx9fbfhQoPTfhWoazgH0xPhPoc30V8NouNkr8GV5j_Lq19lChvxVGMbEv9h1BCme9mHwYNWmjBpP06smIsI4jCs67Z7dGZ3MepTkPpupw28rH_fIiw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74267337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4072 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4072 20 KB
8 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4072 24 KB
7 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 567099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4072 187 KB
59 KB 1620ms
1620ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:50 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EDBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1

43 B
337 B

97ms
47ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxiS_s3IATAB&v=APEucNWGo-aF7PGfB2dZjfZrPsrIF4a60Xy6Oz4eY6BLQkEvKlX3Wl6aUHtttGhPUdUqz1xmJVzuXLhOnaq6FdndylNF2h11yRyS9wsVUzMt2nPS9r04dLULxJ3d9GP356NUIc47-dRG4T-QGJd_5QcNXWLUvrxe7eVZ1zYHVsE66C7pT44bH_4
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FtB8DjVP%2BQCt3CTM1ECtGm0zVgotgGYCkH5CaKapB23HaGGNvtzYcgCWkZpT%2FY7Qvd74Qpti1uHWtpnMux2VKlas5aHzyf7C7NSrAvjgguGj5fSJIE1NhVymD7e1Ed7RChJn%2Ftwo51TRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81184814eb7806d2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EDBF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR8XHCFYOFbuxfDvrPk-GAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1

43 B
775 B

70ms
51ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxiS_s3IATAB&v=APEucNWGo-aF7PGfB2dZjfZrPsrIF4a60Xy6Oz4eY6BLQkEvKlX3Wl6aUHtttGhPUdUqz1xmJVzuXLhOnaq6FdndylNF2h11yRyS9wsVUzMt2nPS9r04dLULxJ3d9GP356NUIc47-dRG4T-QGJd_5QcNXWLUvrxe7eVZ1zYHVsE66C7pT44bH_4
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Qs56y9G96QY%2BYAIa1wzL7YXzqYYZdP5azsh5%2FFiLCGs40npgg%2B%2FtL%2FmkfBJj4pPBYRPCSUak1lCPcOuuQzuDaojUucZRuqkC%2FReoUANJ2qrfytNPFCIA2BH5Pjp9%2FW6KjR6hmPpQp6RSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811848178f955c43-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdxtXXOi9Gdo_b1sPyNo0k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame EDBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMsmZonP5t9oQXXwVosoZfQ&google_cver=1

43 B
839 B

73ms
23ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMsmZonP5t9oQXXwVosoZfQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCfmO2iAxiS_s3IATAB&v=APEucNWGo-aF7PGfB2dZjfZrPsrIF4a60Xy6Oz4eY6BLQkEvKlX3Wl6aUHtttGhPUdUqz1xmJVzuXLhOnaq6FdndylNF2h11yRyS9wsVUzMt2nPS9r04dLULxJ3d9GP356NUIc47-dRG4T-QGJd_5QcNXWLUvrxe7eVZ1zYHVsE66C7pT44bH_4

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
an-x-request-uuid: 52887b51-676c-49c4-9a6c-8ee338a0a3bf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.108; 31.204.153.108; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMsmZonP5t9oQXXwVosoZfQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EDBF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc4NTk5NDY0Mjc5MzY4MTgxMA%3D%3D

170 B
243 B

53ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc4NTk5NDY0Mjc5MzY4MTgxMA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:49 GMT
an-x-request-uuid: 5f83ce55-8dad-4d0f-95a2-3aef40071bf5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc4NTk5NDY0Mjc5MzY4MTgxMA%3D%3D
x-proxy-origin: 31.204.153.108; 31.204.153.108; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DF8 0
0 93ms
74ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssla2wok3Yr6-mjmnQfhZDjA9UeQFiTGWALher6bVEo61wj2ljMCd0cx3jWXk3UuBDKoWxWzBjWtCUxZa4eCF6mLQE146IXRtmUXPuOFl8n6xP6T1eQta9ilKWq0w4gA-vgT_rFaRhNMlv-783_JTqVvOTG93bmHHO9Sy9FJ6ror_VQN5CC5r5JvkRunK1rtTQXv00s8iJknlzi9DaGMot-eeWwJsLJ_AlXa3q6_o8JR-vG1QsE0IGOFW8iOp5S9lbqLL-KlJrhoim8hp3SCPE-R9ysnQcvomPQRbn53Y2IfHB1ot5k7lvCVdxkK0q3DOKQRhTnAXqspInuBVo&sai=AMfl-YQc2HUElVn7CM_yM11XJRuq1dVyPvdlYbmq6-7OVuVoaYXKuvFw2anLrHIgZj-fI-afvz5yQEYNCkq3duApXTK26hQ6LiJ-koBBy_-FLyaHdYxyPBWR8BZPP87pVDTw1Ox8FPVl_ecOlUJefCs&sig=Cg0ArKJSzKBvqxVWGVjaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 6DF8 232 KB
84 KB 203ms
102ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2ecadd07af582ed55ba036b234cd50ca82b5b80c685d962dc3ebe1b51116e01f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "14-Vl41YVxu0uN36vP5SD6GaHcs4fw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 830d03258f2859c2c398e5b499f827b
timing-allow-origin: *, *
content-length: 85580
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DF8 187 KB
59 KB 1612ms
1593ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:50 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 931F 0
56 B 174ms
150ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9430481486900&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 931F 0
56 B 149ms
142ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9430481486900&version=m202309260101&ct=76&x=1&cor=13069682230842757000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 931F 90 KB
38 KB 79ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_pWGyxrAQuYINZ9FUpPIYsBW_GLx6CgtSWT-aGfKwPcaS7hQpMYETKOqS1esIM8Mj6MvW4dWCkHlLNEvVapar5Oe3ng&cry=1&dbm_d=AKAmf-Bok_kjcRPxNLEz1dhKYthXeWXL0_9Iiqi3vqZvjV-Ez35EX3ynHLE8kcXlo0Q9rWEkNKzQTC93JDPumy2RJSa4g8LUbPLY_-nDVxuQ5kdEAZKDM-qFMQppySXNkaZFOl8tv1R4zeQsiy3IwkdwxA2WpCIeC7NcBILr9OaiDfS-KrdjPNpdc8gAyyNcK929cvdEJjeYE4Kxe5hzRRj161MUKXHm8q_IyD49HnHY6_Rd1rJze-5aI_dPwhCcZrpIevv29eQsANGAERWp13lSemEhVriZcQn2boSHhRfy3VbH7HcAdSAIfZBcTO5lFgBcObRObxFKJwMk1T8BFdypARSDB1YBKSOcsmquxydoeP2_ohQnHfgVQIds5kpTIiDzCP0RMJudjRN_qOHiZJ2cuC-Xms0eHC0pZUM_fqsL7l2uJFK4Qdm6pxp7rpjNMMD3HoWrHpVSj2KVApvhiI16x7gAmMwT696KComz9t72e2FlnXFbBYDF5CQ70wHNrbwLt5kVP7-0AXGx5Oj43Y_O9lSdk3cU5m55_tYrxnBoOc_6oEiT6iI_3FqV0QylHfSDdmctPEBju8hjKfvyjUPeCTL62-oSa0ZDO9Rw-mROj0fNLR4RjYPDRjxsE17P10uQRDMTdSWuW8sL0apX1CeUxRea52eRp6I6gR94w_hdX7bqzXD7nSjoE7AdIcFwzEWtNuqso6009Ttcqqgp93SWGu5KZWXUT-eD-Y2OL_aJpUO8SdzLy0gBfkNRCykkHGdYIaDRbCLw78UHlyA3WWSHrJjF_syC5p5iwTDZhnNcxPIlkba6fnUeLSX2r6E-o-EgethqKBiTTkl9omsznXW33pHB6MgUZx9H169uesmiksGK7ezRNNkG1V3QF8G0DGou_M4o0F8t_1yq1MaI-F3XO2ITncaluUPoRinqTRV8e4m1ybhSHPJYc_VUX8Qai2EVp1FxF9IuntpO4TjdywunqP7zUEb3m4Grd4Ox94dhYrJmMnrYHHVu930pA-KPyrAnw1ta83VBdvi9V5WBqp0xFxuYkFWgcofYAJkC95B7ut2TitOf68wi37EiStHVLR7wf0tla5AY5oFkZkbvuzY30cQpuK0eq29e5fpKHt0FTUNJlVC2IMZGnRTEOJrGa-YdSnKrZra-YL6bFCyWZgo1s7bCDtXj2b3Fy9RB5IA4AqgQxFdJyQq70loeyRbAJD3KIXYcsZYul8iPCKC4Ts21tsBo902wkkKCLjdhdOvOQACzx4ZG3F572dUNMg2L3mQgAuMWRCzzKDBAVUt3NgTw4G1InAcwW5udSKokKaLuyo72luXvHihnmJtVV_31qcL3gMcFBBrmFwRn037fklRQBtjJaJxp2n3GXQpypOKjTh-sNqh6NMCnnSHSOoxUFupWJu6lv8hPtzBgFQkx3X0SaUUMPxKnASp7J82S9L0FYk2ilEm5_E3UXeshUc-Vg2uLWJ31Mp17bMLczFG_-eqLqWpfZ4uOgDAzNOKX0GGpkxNLF27vhMpu1P1x14hgKMltLKCX6-34xWGhA6-qUUUqzIlO0xuEb7oCqnEWvXHGcUT0Znkn0TbNw1kxLw74DPLbLFDknyVZb9O42hS3n-crK_YLe7fPCN74Z7jzrJ3sawZjpA7I9lHdPtsIDI7wYjsTcL8MVH3v22ibYdG9Tsr6RNgtyPK8bMsB_GHTjiTbXlZOxnGROztt3Iex3zU6p3oaSkmbliu4SNpUKOOl8PL7UpEkIhl4oYVRhrVJQyKdC1KstLI_1QfFsW0ikHOBzYxxbs6oO9GgspKFTrLah4QDZgNKJkBW8cPmHq1hynQ5dAg5Y5hXW6aMNjijziuSo1_xmXThSA3StTfuMr1tywUZmc0DHmEcW3rGPonSp6w3kmoIxNzZHll8UMEQBGQvD5xzOb9iiwyEcHPT1eoA8Ptxck_257Zf7Sj31Ica5ss7Hm-WgoteuU80CXkCv_47Dj_mJwQfx5cDO-9Sthi-xqXflASixWFsA4OHTA4BT6RJOISDIKk7_THZfJGg_e5l3Qrgk-J6wWCrCCcBP6mVENh9wtc2I3Q8LtYT41VHNQewS6WgEDx5xJtLATlVHjeVaDekLVKGs6kKdOGgLOCXuk2v3aZ8bk_Npx24nX2z_4v3ChJIjuJKWnmOYrYyFxHytHbBDD049Os2soTKYBYA0_dOZzKDmYcBwFEboiL1aj4ZQEHYVCRN9H0oL0lEqwlhwzjU-w6wCvzdGRbNnkFApWX5ccCU4P9XViK5gB7dnBOIpenxdkaJIfXxL80ORBtd5aQ8Jz5SQz8P21pPlo_w3P79rT2bBJO3ym9HOO859tmxUaaOb8eftrJs9MBMkYCPbEFhdbs5h44vMjjOyAftxMgNMf1-lHIN-TGPzrZGwdNXe0Rj0s5MCulyP7iqJcgjAxu1wmej_xy2ata-QaI30mB32B78oNdq36EhdH4S9AzRGDqMBnt75V7BZrXUMGloYwMrNJDiIyk0NEP9djj5eBCkTJsSQpChAKjIuYVRnpqELhtcpKQk7Pwu2ou-V5tT20U9837O_xxcHyBdZyma0_m9EP9b0GnGHozKNuNn3NgSd4JDfhLRZROUQrmVTc1zZGqdfbEC7kBjOJNPaTMdpRefZrjlzmD0eqpSz4xNu6_Igsc8R-GYmXuYKmDI0pcu7ms3mRSH66yhU2xPs-eVVBVD60xarlOpy_EbLAdK35lPnC6FqwbyQ-Ggm2vvtlX9T1GLHyBr8SsixW3Z_eCKS7Lyw809e2NTZaexwMsUFIVmdUIbuz_kj8kCcv49mQfyiKXGtteY4hR2eByXUi2e-jPduX67F3F8jxTclCCQt7qG_mCgV6blW9nzNVLkztQPf8W2IEBE9OGGwO07zXmXgr_sMmeWhzJL5_9-PNnrxwwk_HLqX8K9tY7-BRhE2wfi_eWBnZDFQoaOjBu7mnjn34t9DbWe3P3FCh9Yaz-bI1tP1oBo87Rs15h9xNpKVmT127yrJ8oROXw4w3vPohX12U06DTI_VtrghI-KhepXmneBI5Xq85GUfp5aDe-1JL0yQGzVZExfHx-eNOCupVn8k6-pYPl0mamD2o8AsmPyrbrNYdeMJ1GYu5H9PA7HtdTcbL42M7nV1t_tfu3wsUR880cuidueBypCdeDocrNWubEq2btoGNsLlNuiu9GOyXTAj7KuyadTADnzV7znsP1bFgtKaRmguavuAY8Ib4ayI3RoO3_HivYuOa9Vidy7fSfBi8JKuso0fxl03kfqTfUV7_TSl7Nmi5DSn8uQev-ZgmQmVS6IHlZQCxIekW5fm6-lfWdvK1ERt25PLJgP6Xp9Jg4lKP6TH-pCCFVjYe0aj6Wulh0JQCN_v3HjwsvAvlesOR-VyBNSFVj6Hj5tRLY4EPI0BuVQitbhYY_KMVqgLuA2-NVvgtSgkW7091wNo4g6mJL69iNjQs55WziTCpy-qQxe6hep4R2_ZTTgrZUeEOwR0p1PtD9tNvhSVtj3prCxcAdiz0USHd8_2HN4n2MP8UbNPktYE_F6M4Bvmct6xYuBVTuvtvmApKjcGpoS8l0F4OQ3wVhHtYondeaa4JOdiqeg4AwG8UD2wcj26eumRGomFgtX9DBHj9VSGrla7Zghqe51evxYz3Ya57c9FWDEdWAcG-IB63eIlbkvTbeP_Av29MM8ogwk9xEOF3-EdsjQpyQLX7BKoCGBec_M0mxykbZJSusjX5-tOQIFiNkqcLItNKXz-NcgA37HBw6yBam5jCLUFqrBr-T3w2kwq5uVHtI4kOqd4SXKu_UNAZXGzeHtHvZxlC6QcfRo-RcAW2sgySDOaIs6cGVIVP5tyuFlVPAfp3BVboH59E4CSqFe4WEa3KD1b6rhXrcKBFhFoHNrYsXKvOhMpeS1sW1kf-MVeBX5Rn7emF5_cw&cid=CAQSTADICaaNAgX3fALwP_uosgMffXo3mwehQYwNlF4GJ4RrfXkhMIpaSXhNmVID1nWr8G16LsvtOU2z5kp35GsGVONHC32WzESY1KH-qm0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstad.yalla-shoots.io%2F&ds=l&xdt=1&iif=1&cor=13069682230842757000&adk=356101037&idt=286&cac=0&dtd=55

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ddeb6b230fb21497c20804c5bbae332e49fb88a919e78813eca50c7f556cc32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38657
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6A65 4 KB
744 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 19:01:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FEE3 14 KB
1 KB 66ms
63ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 20:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 19:00:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 20:05:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FEE3 2 KB
973 B 62ms
55ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame FEE3 23 KB
9 KB 63ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7AF 143 B
166 B 78ms
65ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 19:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FEE3 3 KB
1 KB 66ms
59ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FEE3 20 KB
8 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEE3 187 KB
59 KB 1495ms
1490ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:05:50 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame FEE3 36 KB
15 KB 169ms
34ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6A65 20 KB
8 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:52:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A65 205 B
519 B 159ms
43ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 90867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A65 604 B
697 B 159ms
45ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 469855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 29 Sep 2024 09:34:53 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7E40 33 KB
34 KB 199ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stad.yalla-shoots.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 212191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:09:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC40 13 KB
5 KB 62ms
50ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 19:18:41 GMT
expires: Fri, 04 Oct 2024 19:18:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF58 829 B
1 KB 154ms
44ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39663c3447bd752f872c3c1aa6cdfef87607aec1a1ede3d35a43a8ed997157dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ITcOZJFPVMfpgfaw6rtRfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ITcOZJFPVMfpgfaw6rtRfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:49 GMT
expires: Thu, 05 Oct 2023 20:05:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 931F 111 KB
39 KB 247ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Origin: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 07:03:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 931F 11 KB
4 KB 63ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_pWGyxrAQuYINZ9FUpPIYsBW_GLx6CgtSWT-aGfKwPcaS7hQpMYETKOqS1esIM8Mj6MvW4dWCkHlLNEvVapar5Oe3ng&cry=1&dbm_d=AKAmf-Bok_kjcRPxNLEz1dhKYthXeWXL0_9Iiqi3vqZvjV-Ez35EX3ynHLE8kcXlo0Q9rWEkNKzQTC93JDPumy2RJSa4g8LUbPLY_-nDVxuQ5kdEAZKDM-qFMQppySXNkaZFOl8tv1R4zeQsiy3IwkdwxA2WpCIeC7NcBILr9OaiDfS-KrdjPNpdc8gAyyNcK929cvdEJjeYE4Kxe5hzRRj161MUKXHm8q_IyD49HnHY6_Rd1rJze-5aI_dPwhCcZrpIevv29eQsANGAERWp13lSemEhVriZcQn2boSHhRfy3VbH7HcAdSAIfZBcTO5lFgBcObRObxFKJwMk1T8BFdypARSDB1YBKSOcsmquxydoeP2_ohQnHfgVQIds5kpTIiDzCP0RMJudjRN_qOHiZJ2cuC-Xms0eHC0pZUM_fqsL7l2uJFK4Qdm6pxp7rpjNMMD3HoWrHpVSj2KVApvhiI16x7gAmMwT696KComz9t72e2FlnXFbBYDF5CQ70wHNrbwLt5kVP7-0AXGx5Oj43Y_O9lSdk3cU5m55_tYrxnBoOc_6oEiT6iI_3FqV0QylHfSDdmctPEBju8hjKfvyjUPeCTL62-oSa0ZDO9Rw-mROj0fNLR4RjYPDRjxsE17P10uQRDMTdSWuW8sL0apX1CeUxRea52eRp6I6gR94w_hdX7bqzXD7nSjoE7AdIcFwzEWtNuqso6009Ttcqqgp93SWGu5KZWXUT-eD-Y2OL_aJpUO8SdzLy0gBfkNRCykkHGdYIaDRbCLw78UHlyA3WWSHrJjF_syC5p5iwTDZhnNcxPIlkba6fnUeLSX2r6E-o-EgethqKBiTTkl9omsznXW33pHB6MgUZx9H169uesmiksGK7ezRNNkG1V3QF8G0DGou_M4o0F8t_1yq1MaI-F3XO2ITncaluUPoRinqTRV8e4m1ybhSHPJYc_VUX8Qai2EVp1FxF9IuntpO4TjdywunqP7zUEb3m4Grd4Ox94dhYrJmMnrYHHVu930pA-KPyrAnw1ta83VBdvi9V5WBqp0xFxuYkFWgcofYAJkC95B7ut2TitOf68wi37EiStHVLR7wf0tla5AY5oFkZkbvuzY30cQpuK0eq29e5fpKHt0FTUNJlVC2IMZGnRTEOJrGa-YdSnKrZra-YL6bFCyWZgo1s7bCDtXj2b3Fy9RB5IA4AqgQxFdJyQq70loeyRbAJD3KIXYcsZYul8iPCKC4Ts21tsBo902wkkKCLjdhdOvOQACzx4ZG3F572dUNMg2L3mQgAuMWRCzzKDBAVUt3NgTw4G1InAcwW5udSKokKaLuyo72luXvHihnmJtVV_31qcL3gMcFBBrmFwRn037fklRQBtjJaJxp2n3GXQpypOKjTh-sNqh6NMCnnSHSOoxUFupWJu6lv8hPtzBgFQkx3X0SaUUMPxKnASp7J82S9L0FYk2ilEm5_E3UXeshUc-Vg2uLWJ31Mp17bMLczFG_-eqLqWpfZ4uOgDAzNOKX0GGpkxNLF27vhMpu1P1x14hgKMltLKCX6-34xWGhA6-qUUUqzIlO0xuEb7oCqnEWvXHGcUT0Znkn0TbNw1kxLw74DPLbLFDknyVZb9O42hS3n-crK_YLe7fPCN74Z7jzrJ3sawZjpA7I9lHdPtsIDI7wYjsTcL8MVH3v22ibYdG9Tsr6RNgtyPK8bMsB_GHTjiTbXlZOxnGROztt3Iex3zU6p3oaSkmbliu4SNpUKOOl8PL7UpEkIhl4oYVRhrVJQyKdC1KstLI_1QfFsW0ikHOBzYxxbs6oO9GgspKFTrLah4QDZgNKJkBW8cPmHq1hynQ5dAg5Y5hXW6aMNjijziuSo1_xmXThSA3StTfuMr1tywUZmc0DHmEcW3rGPonSp6w3kmoIxNzZHll8UMEQBGQvD5xzOb9iiwyEcHPT1eoA8Ptxck_257Zf7Sj31Ica5ss7Hm-WgoteuU80CXkCv_47Dj_mJwQfx5cDO-9Sthi-xqXflASixWFsA4OHTA4BT6RJOISDIKk7_THZfJGg_e5l3Qrgk-J6wWCrCCcBP6mVENh9wtc2I3Q8LtYT41VHNQewS6WgEDx5xJtLATlVHjeVaDekLVKGs6kKdOGgLOCXuk2v3aZ8bk_Npx24nX2z_4v3ChJIjuJKWnmOYrYyFxHytHbBDD049Os2soTKYBYA0_dOZzKDmYcBwFEboiL1aj4ZQEHYVCRN9H0oL0lEqwlhwzjU-w6wCvzdGRbNnkFApWX5ccCU4P9XViK5gB7dnBOIpenxdkaJIfXxL80ORBtd5aQ8Jz5SQz8P21pPlo_w3P79rT2bBJO3ym9HOO859tmxUaaOb8eftrJs9MBMkYCPbEFhdbs5h44vMjjOyAftxMgNMf1-lHIN-TGPzrZGwdNXe0Rj0s5MCulyP7iqJcgjAxu1wmej_xy2ata-QaI30mB32B78oNdq36EhdH4S9AzRGDqMBnt75V7BZrXUMGloYwMrNJDiIyk0NEP9djj5eBCkTJsSQpChAKjIuYVRnpqELhtcpKQk7Pwu2ou-V5tT20U9837O_xxcHyBdZyma0_m9EP9b0GnGHozKNuNn3NgSd4JDfhLRZROUQrmVTc1zZGqdfbEC7kBjOJNPaTMdpRefZrjlzmD0eqpSz4xNu6_Igsc8R-GYmXuYKmDI0pcu7ms3mRSH66yhU2xPs-eVVBVD60xarlOpy_EbLAdK35lPnC6FqwbyQ-Ggm2vvtlX9T1GLHyBr8SsixW3Z_eCKS7Lyw809e2NTZaexwMsUFIVmdUIbuz_kj8kCcv49mQfyiKXGtteY4hR2eByXUi2e-jPduX67F3F8jxTclCCQt7qG_mCgV6blW9nzNVLkztQPf8W2IEBE9OGGwO07zXmXgr_sMmeWhzJL5_9-PNnrxwwk_HLqX8K9tY7-BRhE2wfi_eWBnZDFQoaOjBu7mnjn34t9DbWe3P3FCh9Yaz-bI1tP1oBo87Rs15h9xNpKVmT127yrJ8oROXw4w3vPohX12U06DTI_VtrghI-KhepXmneBI5Xq85GUfp5aDe-1JL0yQGzVZExfHx-eNOCupVn8k6-pYPl0mamD2o8AsmPyrbrNYdeMJ1GYu5H9PA7HtdTcbL42M7nV1t_tfu3wsUR880cuidueBypCdeDocrNWubEq2btoGNsLlNuiu9GOyXTAj7KuyadTADnzV7znsP1bFgtKaRmguavuAY8Ib4ayI3RoO3_HivYuOa9Vidy7fSfBi8JKuso0fxl03kfqTfUV7_TSl7Nmi5DSn8uQev-ZgmQmVS6IHlZQCxIekW5fm6-lfWdvK1ERt25PLJgP6Xp9Jg4lKP6TH-pCCFVjYe0aj6Wulh0JQCN_v3HjwsvAvlesOR-VyBNSFVj6Hj5tRLY4EPI0BuVQitbhYY_KMVqgLuA2-NVvgtSgkW7091wNo4g6mJL69iNjQs55WziTCpy-qQxe6hep4R2_ZTTgrZUeEOwR0p1PtD9tNvhSVtj3prCxcAdiz0USHd8_2HN4n2MP8UbNPktYE_F6M4Bvmct6xYuBVTuvtvmApKjcGpoS8l0F4OQ3wVhHtYondeaa4JOdiqeg4AwG8UD2wcj26eumRGomFgtX9DBHj9VSGrla7Zghqe51evxYz3Ya57c9FWDEdWAcG-IB63eIlbkvTbeP_Av29MM8ogwk9xEOF3-EdsjQpyQLX7BKoCGBec_M0mxykbZJSusjX5-tOQIFiNkqcLItNKXz-NcgA37HBw6yBam5jCLUFqrBr-T3w2kwq5uVHtI4kOqd4SXKu_UNAZXGzeHtHvZxlC6QcfRo-RcAW2sgySDOaIs6cGVIVP5tyuFlVPAfp3BVboH59E4CSqFe4WEa3KD1b6rhXrcKBFhFoHNrYsXKvOhMpeS1sW1kf-MVeBX5Rn7emF5_cw&cid=CAQSTADICaaNAgX3fALwP_uosgMffXo3mwehQYwNlF4GJ4RrfXkhMIpaSXhNmVID1nWr8G16LsvtOU2z5kp35GsGVONHC32WzESY1KH-qm0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstad.yalla-shoots.io%2F&ds=l&xdt=1&iif=1&cor=13069682230842757000&adk=356101037&idt=286&cac=0&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:43:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 931F 30 KB
11 KB 75ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 931F 41 KB
14 KB 69ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A8C0 2 KB
1 KB 147ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR8XGwAPNIkK4CmEAAHYtUCm_7w_8mKDaRJf5w&u=%7CdHqe%2BCt5iqJAVbfjd2AakgVFGyJkwN9GMSVInx2eA6E%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZZW7YRztJ0nGFrv2w2qFM8p9ySDf7aIa5-i5i3V-0aCbb5owZxH4plLDSej38vpsuRJIt8LuhWAeKg1GOgc14FZ3FaywNhGwFRitZZowxOn_mhtT34H4ysDyPGP5m0zqKVvYU_LH0PH5WwfkLniYKd_e2BOaoLikPrD_WnZpCJZ0_0F0A6EFnSA3sg-Q0xG7t3pXIw6YrsPVAhu1cG2tfR4eHpsRo-buWC9pkM72oCWCkgetK2Jhr3N0d7gPmkMNB-Od1aXffKXkJDnuE8jMb2lXFGDITQDcKSD5smGdBmMlobEjHJFaLOvRSna5BePXN4ugQJKaO4vHQU_4PlvJ4u8Grbh30Fq3TRgMdHvIeMkZMjPEJHpXWOVIVv0KV0YizTp3AneyyhfgmjN8sjshEhmBa5oMs9gAZozcEdqRznm3INSv9zDR-vF0D0K00emUREdKJWvwL7pNEddsaE_YJGuHzG-qr2TCdjstP-2bun1UE2I_Nvcs-iYVI9y9l2wdbRLYb4tMak6S79eWJCpUWJw--zhoIYidlgIz1dzhD8WRQOqXowhgZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClpdCGxcfZYnpPITTgAe1sYeoA8me0rFcxYyL4JoBwI23ARABIABgkYSghYwYggEXY2EtcHViLTQ5MDM0NTM5NzQ3NDU1MzDIAQmpAqPKqSMRrbE-4AIAqAMByAMCqgSmAk_QbKU23nUWbPs9f62MLFSRnlwtZQWFWMWIz9fKlKZzRfVH_Wi6USStQoR7qE5eG6AFC_ujws3uNCKB456noj0OjnC8a2rtdDrKcAznuYruX-XPiGGB0tgnHDa9omE48QyS4gTOoor-g2XjzPXIkN5Li5kvF8jrDgo6doSsT7o4W6uEMWY428aKa1Hgk87do0k4tGO-6pzhHhNBVP-O7rp_cci8QfDyxtFhDGUHCCIou_qjr1rkWbfTdB7VvN5ZxrF8cOZJsiJ31yzJm0U5ddEQwGAPFtQ4dPz6C-t1jRkbrnHv0HY5bAZbsyvu0qf_vg-0Uk2rWOVaXpQpjkuTK1xUM-ldtu3SM87QjrfntI1YXjvjvtl0Bo4r7J1kVIbHKJzc4gWb-uAEAYAGieGsw9fOvuB_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OoHInJ2QgvCbVTYhaNzCM0ttQEQ%26client%3Dca-pub-4903453974745530%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame A8C0 2 KB
1 KB 146ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A8C0 308 B
636 B 43ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A8C0 293 B
621 B 39ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame A8C0 43 B
348 B 190ms
67ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UVgkb4Y-i0jb2-3tyFj4bjMDRmA7rOM1TvRLk8QcyVyujgLDe7jC2uaGdsSJf5zjxhmX-F5DSMnzfpiMLf8UyCYtbm5njRvRy6fBoXtAcNufzX36JmQ6t2QA-rE7t-yjxrxDZmQ7oJKMtyyV_FMGG_7gGFLDuo-40BkxDzbkeDpODPjhJYKDt_Q8e-W42sHnAlzlr2KcRrBt4N-lNaQIB1pe2UBUIuo1YnENshUHLjnDoxXfoxfd5ztvcCy1WtAL7GkclZybUS4mg2jouOCGiyB9_PdwjFets5NbUaxdRcfXdD2DQkElyIK1uP-BuwvNXEVZWzidVEk8nRVgj7n_PCIrkek4qq9PyCQj-FNtvWWP5H5-MjR6-vNH749LBk-MXY2GlvWC_-dphTTW4VEpYXKi8oIODMjTzaNXC88GU-dQ00wi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1616723
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7E40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
41ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H3
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Oct 2023 20:05:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
231 B 34ms
34ms XHR
text/plain 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/xO_41/hbw_master_751017_18384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoots.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://stad.yalla-shoots.io
Date: Thu, 05 Oct 2023 20:05:48 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
DATA 200
OK truncated
/ Frame 931F 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76342bdd3c3ca3eb7c7166bfeca32db893ba3367d451ba4b935f45c4427355ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A8C0 12 KB
5 KB 125ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1300858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHJifWeCATveaCLx1JOOXk0pV1CUa6Qyx3LCFk8oGqfCajYaWHX8Cf7Mxu98tiR88G9rIl71M1H89Ik9CQsTme1lWUtNlXTgzV3P5yfmaoQHfySANZl62YnHH3MVbAvwwcMzv%2BcBRMOy4wBgfDHerdfW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81184816ba600a79-AMS
expires: Tue, 24 Sep 2024 20:05:49 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A8C0 12 KB
6 KB 41ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A8C0 0
128 B 155ms
68ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=URmY1OCJ7FojNVl5R0sAWg9YQUjqKy5gCENBG78o1OyR6q6Hi8tGsqHwZOa75ZkVo2eXRtsI0Grodo5de5ZtSmRkBukzAbdRh0OvumswUIjvQgNpvySMMnaxBsQeYW9E9Y89y0t9Yi09HRz5BUGWwx9fbfhQoPTfhWoazgH0xPhPoc30V8NouNkr8GV5j_Lq19lChvxVGMbEv9h1BCme9mHwYNWmjBpP06smIsI4jCs67Z7dGZ3MepTkPpupw28rH_fIiw&sds=2&rev=88731&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Oct 2023 20:05:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A8C0 2 KB
1 KB 31ms
28ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H/1.1 200
OK c3RhZC55YWxsYS1zaG9vdHMuaW8= Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 6DF8 16 B
464 B 339ms
35ms XHR
application/json 2.19.100.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/c3RhZC55YWxsYS1zaG9vdHMuaW8=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 20:05:49 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=34704
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: af14545a3efd67eda7761eff33cce2b0
Content-Length: 16
Expires: Fri, 06 Oct 2023 05:44:13 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 6DF8 43 B
371 B 59ms
54ms Image
image/gif 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sat, 04 Nov 2023 20:05:49 GMT
date: Thu, 05 Oct 2023 20:05:49 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
49ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:49 GMT
expires: Thu, 05 Oct 2023 20:05:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 20:05:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7E40 0
0 79ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnCWuHBcfZeayAYfzgAfjlKLgCszmuo1zxo6i-pURmJL4h7MCEAEgudvzJmCRhKCFjBigAaGwnsIpyAEG4AIAqAMByAMKqgS5Ak_QAxN2BcTItpd8KnhoIfaD-Mg7EC8IRe_0RNNFsREOYKUnOKub_LOtwNvrvuSHrZR_q-Ku4CDRAdihxVEMe04muyRSWkfs40sHSyvYtEufdfgfRMNNK_VamB360v4uq54intX9P5uXeXZGjeNVWN4dwJxmmslHMtDjQ1CZW1xPQTgtLAzHFoFHtGMBVCZLVFSZWuilUrRaV_YpkPBsQxtlU0w4ARmiSOvESB0GjdB7qzXIhPOJZQRlmZkMgWS7cZa7Z4MLbqovpX5h_gx8xQIe_gbXQThKvptaN0blWYcSUji_8ixLA4dbbpm7QU5jHEL3KpJeYOgZiPraV15agJUNI3NLj0Bn-XBDQlO4eZVLSvfPoFq57rn-LzUUynvQnXcXbTo7mJSBneffTz3fAa4UgA5hQV7LxqTABJyJlZ-7BOAEAYgF3M-MvkqSBQQIBBgBkgUECAUYBIAHoejuoQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD0_QfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmsAWh0dHBzOi8vd3d3LmhlbHB3aXJlLmNvbS9hcnRpY2xlcz9jb250PWhmMyZxPU9ubGluZStwYXlyb2xsK3NvZnR3YXJlJnNyYz1tZyZnY2g9VDAwMDAwNDgmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9MjZiZGM4MTZjOGRjODY5ZTUzYWVkYmNkODMwNTdjNDiACgPICwGiDAwqCgoI5LSxAu61sQLiDRMIgpH8strfgQMVhzngCh1jigis2BMMiBQC0BUBgBcBshceChwIABIUcHViLTY3MzYyNTY0NzMyMDI3MzMY5MMO&sigh=Jtk62i3Imig&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNO-48_m2YIVyGy2VBoHp7SzQijoL9MhjeFChlVRrQb60RwRvcdKgT_wd8SjwHfUanHy-9PgHrwkTGDH7JZS_NTh4AhthfeBgB&template_id=5007&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 845F 38 KB
13 KB 76ms
43ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 69558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF58 0
0 135ms
134ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310020101&jk=2316601628951147&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 320x50.html Show response
s0.2mdn.net/sadbundle/8044300362234431308/_320x50/ Frame 1E73 5 KB
2 KB 121ms
34ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08a93085c5b8fee5e4fe5d6f4ba3522ea889c7c45189ffb3f32c30b1254da08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 15:29:30 GMT
expires: Fri, 04 Oct 2024 15:29:30 GMT
last-modified: Wed, 13 Sep 2023 16:02:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 931F 0
0 296ms
80ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqRmM0EeqNFXpziHierLUHLoMp2N48Z2il6eIbHzRm5z3r1ogzuEvsIERC80xYtpWWJduWb2V285eF70lHU2caJoj2TjXWzkeTtOU-XJX1QR04jeOXnQj37zpgXHz6bqxzf6a6D3d4fLzq0bEOHAMSaWG4MosO53YguE9Zs2V2AZtXlhLwLjQ6kzES47hhs8AL5j6pC3ZD_GdtAhsWzT2hD-Ib4ltD1Zc95O7Lt4QlISKas0JscyECdQFJNDlcOX0Y_aAZjzf6dQ_F3eWDHsca8GItmehSKlZYep74iGN1C5YAXtFCwRFlwv_9C_Y7W4hATFj_jWYLmb4DsleLVTZAUoNgQ-QbITl3Tgm4R6f8eMktOp7w2IJqyMbYiOffipdbLHfq-P3n93a4OGfSZshI3Re1MYCJ5lxsF99zYmyUpx4jxUlGqzvmYdfowsF_YUOnfrt9wLFNhprJii3RuFCb_x-_ouv2U9kOOOuOm4DGtHkwzbdoydwXo8ib7hJ2T-xb4UoYIf7VzOVPu6x-n5Z8WUcfNNkWtECqyfpa6y1VJHZFQF3Bfq6ydgicFwOjs2YQsKvmkMQr9RYEc44EYy2BNDjkmVps5Op4wxQ2WeIgmOANxO06AeWx9xPoFAEpk3p7cmZgnlag2N-KEDUPm97k7cHdvkpuBlU60gxvMTTuWYm2_8dVlpODg10oCVfojxHIN7ePFQXVMj5p4stk8cqnUWjRc9fE5FDxKBlzHFYaKZ86THRBiQvHz7Us8oEDwlvMWc7R__gT5dSQjJrGkq5Ek5C6MEHVMWC-tvg1qh1JixeDpKYUyDg_zAtRlhLPVCK2wpk4pZVPTzAZWgfl7mY44IQ3gDdsSPowXC9prXqfdt4JpJaL_qkyicoL5C3836ahrW-EwtkryySR4m4NzCQlayAx0BNrgYNMZDOfFMuPqAX1jN0QV5yP0CNW_5V-hd8OmcaRmty4InWi7GycdA2fmIEZXMHQj3QR7u2n7VQ4F5tlC8E7fNXYerZLCHYV8kAlh2_n6GZ5vSp5ZVvlAQrJAfwcvwwzpfGYgbVF5PtufqxPd4qONZuuPtXy5BfHXMXmQIsE2MO2cfWqaLaE8SHEfXYCqzKUlawxRjjRd0JKewdQ5IB1IICQ1D_EERvICPrz5Rok9ILPSgxWNv5jcw45D0ORf_QkGjuD2-YdNyz0GDswL0s2TqptA81gEze-6L_7brOa1NLw2jpnLtzaE4kB1ZTZpWw-IStUGOVDOwcOeysdnba9XTkI3B-ci4WjyxR1wk-O2Xa1dAFT4fWoOMdrja0BBdEui0T9bKrrJ7kpRSScQSF15ZjKuIpXSZewhGxf6Z5FPgMd36v3ZTG35HGsBfO_LH3YbRQe15RzqffMeQYBUPqBY4z1H6QgtcdMTKW0yXB93tr4RR-U9xgB-1RafKxtV-cWAuLRUSg&sai=AMfl-YS-PUswkukJWb1X7FOJalO4om5aMnalXxTTpQ747h6s80DMo2UF7Dp6lH_soiTMi0W3WO0jyi1OusUOKj_52T1QgLrWRBsT_oMtzFbg3P1sgBNw7Ue-t1quVVaAsY2KubkrFZmCjm1SDQQanWz4qnzzziMfj8lXrtulf1nhvTO7kKX7JkmowWojQr4h1LB5AF4gRVegUaiF97nbC60zj0awXQRw0KBr6XV8Aunb5xf_9T5lnXubRXgm2I6QrJQMbf00B4JQegVJHEZd6IBDhlsLFnKXo8YOGAhEMPtfA7mU8NyTNhNprTHAvYlZqA&sig=Cg0ArKJSzCw-YdG_CHtEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=468&cbvp=1&cstd=464&cisv=r20231004.45136&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 20:05:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame A8C0 2 KB
854 B 36ms
35ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame A8C0 2 KB
854 B 34ms
34ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame CC40 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 6DF8 4 KB
2 KB 544ms
81ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&idx=0&rand=69611&widgetJSId=AR_11&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&settings=true&recs=true&key=ADIPO26N995I7C97HCI1JF7FG&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010477&sig=3H6TeeE1&apv=false&osLang=en-US&winW=300&winH=600&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&ogn=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 78394bc8f205c5bfa7b17b778ad66fac21557bef11beb169ea7853f3cdff0597

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: NLDC1, FRA, Europe3
x-timer: S1696536350.921941,VS0,VE49
vary: Accept-Encoding, User-Agent
x-cache: MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-fra-eddf8230075-FRA
x-traceid: 4fe9d7b41e95963e971e8a08e8df6cf0
accept-ranges: bytes
content-length: 1883
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame A8C0 13 KB
13 KB 341ms
36ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H2 200 b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff
static.criteo.net/design/dt/ Frame A8C0 22 KB
22 KB 366ms
61ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b8eee2b9d14c4afeb90edddc0244fcc5_mediamarktregular.woff

Requested by

Host: d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdb9595cf3bdbb77721ab7eba69c98f3fb80dba16e804310c508e3a465d2dfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Jun 2021 09:06:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60bf3320-5860"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Sep 2024 20:05:49 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 6DF8 4 B
371 B 426ms
106ms XHR
application/json 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696536349577&sessionId=3f215573-6e89-fdab-8c43-cf8dca7a9bfc&url=stad.yalla-shoots.io&cheqSource=1&cheqEvent=3&responseTime=359
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 20:05:49 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9cdcc30f20651a18c65af04977003695
Content-Length: 4
Expires: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1E73 236 KB
63 KB 168ms
47ms Script
text/javascript 2a02:26f0:780::210:a408
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a408 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 05 Oct 2023 20:20:49 GMT

GET
H3 200 320x50.js Show response
s0.2mdn.net/sadbundle/8044300362234431308/_320x50/ Frame 1E73 31 KB
7 KB 46ms
43ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1858d6fa88f88ba6426417813ca5d15d3d8670870fc5fecb62bcbc70fbc044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8044300362234431308/_320x50/320x50.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7560
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 16:02:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:53:09 GMT

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame 845F 38 KB
14 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:37:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC40 0
10 B 35ms
34ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7ovaxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 931F 0
0 73ms
71ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqRmM0EeqNFXpziHierLUHLoMp2N48Z2il6eIbHzRm5z3r1ogzuEvsIERC80xYtpWWJduWb2V285eF70lHU2caJoj2TjXWzkeTtOU-XJX1QR04jeOXnQj37zpgXHz6bqxzf6a6D3d4fLzq0bEOHAMSaWG4MosO53YguE9Zs2V2AZtXlhLwLjQ6kzES47hhs8AL5j6pC3ZD_GdtAhsWzT2hD-Ib4ltD1Zc95O7Lt4QlISKas0JscyECdQFJNDlcOX0Y_aAZjzf6dQ_F3eWDHsca8GItmehSKlZYep74iGN1C5YAXtFCwRFlwv_9C_Y7W4hATFj_jWYLmb4DsleLVTZAUoNgQ-QbITl3Tgm4R6f8eMktOp7w2IJqyMbYiOffipdbLHfq-P3n93a4OGfSZshI3Re1MYCJ5lxsF99zYmyUpx4jxUlGqzvmYdfowsF_YUOnfrt9wLFNhprJii3RuFCb_x-_ouv2U9kOOOuOm4DGtHkwzbdoydwXo8ib7hJ2T-xb4UoYIf7VzOVPu6x-n5Z8WUcfNNkWtECqyfpa6y1VJHZFQF3Bfq6ydgicFwOjs2YQsKvmkMQr9RYEc44EYy2BNDjkmVps5Op4wxQ2WeIgmOANxO06AeWx9xPoFAEpk3p7cmZgnlag2N-KEDUPm97k7cHdvkpuBlU60gxvMTTuWYm2_8dVlpODg10oCVfojxHIN7ePFQXVMj5p4stk8cqnUWjRc9fE5FDxKBlzHFYaKZ86THRBiQvHz7Us8oEDwlvMWc7R__gT5dSQjJrGkq5Ek5C6MEHVMWC-tvg1qh1JixeDpKYUyDg_zAtRlhLPVCK2wpk4pZVPTzAZWgfl7mY44IQ3gDdsSPowXC9prXqfdt4JpJaL_qkyicoL5C3836ahrW-EwtkryySR4m4NzCQlayAx0BNrgYNMZDOfFMuPqAX1jN0QV5yP0CNW_5V-hd8OmcaRmty4InWi7GycdA2fmIEZXMHQj3QR7u2n7VQ4F5tlC8E7fNXYerZLCHYV8kAlh2_n6GZ5vSp5ZVvlAQrJAfwcvwwzpfGYgbVF5PtufqxPd4qONZuuPtXy5BfHXMXmQIsE2MO2cfWqaLaE8SHEfXYCqzKUlawxRjjRd0JKewdQ5IB1IICQ1D_EERvICPrz5Rok9ILPSgxWNv5jcw45D0ORf_QkGjuD2-YdNyz0GDswL0s2TqptA81gEze-6L_7brOa1NLw2jpnLtzaE4kB1ZTZpWw-IStUGOVDOwcOeysdnba9XTkI3B-ci4WjyxR1wk-O2Xa1dAFT4fWoOMdrja0BBdEui0T9bKrrJ7kpRSScQSF15ZjKuIpXSZewhGxf6Z5FPgMd36v3ZTG35HGsBfO_LH3YbRQe15RzqffMeQYBUPqBY4z1H6QgtcdMTKW0yXB93tr4RR-U9xgB-1RafKxtV-cWAuLRUSg&sai=AMfl-YS-PUswkukJWb1X7FOJalO4om5aMnalXxTTpQ747h6s80DMo2UF7Dp6lH_soiTMi0W3WO0jyi1OusUOKj_52T1QgLrWRBsT_oMtzFbg3P1sgBNw7Ue-t1quVVaAsY2KubkrFZmCjm1SDQQanWz4qnzzziMfj8lXrtulf1nhvTO7kKX7JkmowWojQr4h1LB5AF4gRVegUaiF97nbC60zj0awXQRw0KBr6XV8Aunb5xf_9T5lnXubRXgm2I6QrJQMbf00B4JQegVJHEZd6IBDhlsLFnKXo8YOGAhEMPtfA7mU8NyTNhNprTHAvYlZqA&sig=Cg0ArKJSzCw-YdG_CHtEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=945&vt=11&dtpt=477&dett=3&cstd=464&cisv=r20231004.45136&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 845F 0
20 B 141ms
140ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7ZtVHBcfZZDOLpek9u8P-LeygAUAAAAAOAHgBAI&bg=!9vWl9brNAAYMG8UMLBs7ADQBe5WfOIYVh2SPJAF_dXisQJCEJdSPPV8hvzQhwgKEr7e_EZSIKnJqt9OKXvszbV3wqVKyAgAAAM5SAAAACmgBBwoAZ7Ysuu-U-pONLFs4siqQtaex5PlfO7Zu1KQm6xrPKxyeTgplSSKNA2F9tBIRJDUT4lzml--1rTCLgdHOhhgUHOE6yOVhau8VBhTCXSgiyh_RbHvFmPP1PrusZ62a1T8aQMgcXl6JSNOZAxITOd3eqFh0CBXzjQHV9hOIaUiJv2YPn6qL1mIPUUL-Pn0S3Qw_xqLVKCdcsvM0OGx7yI2-DBpzjJjuFcFTEAzdcP8EguX_ZXDOFCv8WU29Qs7Rb5NoB1ZsCdkkGMzfNock3CMfmR-2pHcfjj0UcLdzdlx94c7UuIIWRTGEnPZjviGiazZDjec0PrkmgpQXKX_87zbhPUq3MiOqnnBhv-NnTDYJrwB5YsH4vfK-SUQJxpeqiVvMkFeI0y7Vvv7kY_vvNwm4E9RJRb3X1mmIcJDAVAP_H7JKFdtnC1NfwRRZHuIkskVR9tIEYQ47UCLXp1-BWs7t0lTXfloSZtZIjYzauD_4mx4Lbzq-fgWnw1SVD8AvftF_L6Q_NgTWS3jKrFdhKwjFWAVIJ24NmBQepU9NMtdkeDPvhUEDSF541cIslVSe3zT_Yi29ywMA6SHtZKIz5T6HXB9jQXiRKXarf7kGdW1AUWrDVQYd5UzkTceYRHodzvswPz0yyi33TWsy64cEEhC63EjbRn3U-gnDpGxtqZXYCTo9Cy20MJhW9UBIkxoOYkFtoHP5Kw8-2IXGLTs9vRJZEab7AUHdhZCTPzfdbeIJeRLCahfQGwG1X2vtkg7oDGO68da28xUahDnAGPQVfW1vLtVOjH6ctWcZaaWWSY0f8Nzr1Cgzrq0H16g8kATI_f42oCunmol2vvnCPzCh-nluz_ExSHFXDYnGYhcNqIzVIP7fyO2ImCawdje1kVvmakRSYtWlv68BZWrJjkRruEj3KRkrsXBLgRt9Egxpcf9ZhhlVhc1veDBTsBC02koT1lz2Fnl2O73KN7TqqbGEqOrl7KajW6eCVh1inesSxjZUQ_-QT7EZ0I3hEuMdo3TlH3jiPQX4c77CzXKgCgqC2_sO-wuQjYVs5a_zmVycs0J9xMnFXtPdARjdwpG_YPXZrQjgK-xOqA4HeIAhLy7CEVfV8IlgloGslVWHze4VkPwZgh3fuiXfzZ0OBPdSehhKNk-8kGDpfXOtweWQNrNG6puuyLgYcf6sRpQFoWqIH2M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nldc1.outbrain.com/ Frame 6DF8 2 B
356 B 382ms
30ms Fetch
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nldc1.outbrain.com/l?token=522799f92ad2d6d9d174c01df09aee0f_119225_1696536349960&tm=775&eT=6&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 20:05:50 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 0ee5c629abd41d43b93a36e848f16a23
Content-Length: 6

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ Frame 6DF8 48 KB
18 KB 145ms
48ms Script
text/javascript 2600:9000:2057:8000:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8000:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:08:43 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 7027
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: MSp6KoKGKpRMr_pB70YLurLcbufF3s7-4yy9Y_eH9AIxfQDEORCNmg==
expires: Fri, 06 Oct 2023 06:08:43 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame DBFE 4 KB
2 KB 33ms
33ms Document
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://stad.yalla-shoots.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Thu, 05 Oct 2023 20:05:50 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Thu, 12 Oct 2023 20:05:50 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 931F 42 B
174 B 166ms
165ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuT5T7knGOwD6bffADUiZnRgipBkLMKgkC6O0J-Wl8AwSCNLr5pRFJPp3vAG1k773TkRrYD7vY92lOMTsDUAhjTzVtgmJAXJsEx8DvfwrLp8E0lAMDOPSGjew_JUYhCXXl3hsfk6V9SHia&sai=AMfl-YQJKBA0QgL7CYhHUOIwIj0pJb1RUT6wJ4FmaX2PMIyFOFZW_XdXaiUB1zuZjOTU6aWXsr4nr23W6tEt8XGkNdT6gtnFbaUsPVp3i7_KnenKDHRS_PdqbnH4timjP1Fhmv6TD94MGEjUPziZZg&sig=Cg0ArKJSzH5WtD15jeaGEAE&cid=CAQSTADICaaNAgX3fALwP_uosgMffXo3mwehQYwNlF4GJ4RrfXkhMIpaSXhNmVID1nWr8G16LsvtOU2z5kp35GsGVONHC32WzESY1KH-qm0YAQ&id=lidar2&mcvt=1000&p=463,640,513,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2356448292&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696536348277&rpt=831&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ Frame 6DF8 3 KB
2 KB 380ms
145ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fstad.yalla-shoots.io%2Fgo%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=93966050078060769862202808190002641712451927101329290267852205710001&nc=0&tsf=0&tsfmi=&pv=0&cb=1696536350253&ref=&pit=1&hl=2&op=0&fs=300x600&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=604957648&at=&bid=e30%3D&di=W1siZWYiLDE0MzBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MjIsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMjg0%0D%0AMzE4NTIxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCIxNSxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNs%0D%0AaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6%0D%0AV1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJi%0D%0AcGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0i%0D%0AXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJv%0D%0AZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwi%0D%0AXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjR9Il0sWy0xNSwiLSJd%0D%0ALFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCww%0D%0ALDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMzAwLDYwMCwwLDAs%0D%0AMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjg3NzcxNjQ3NC4xNjk2NTM2MzQ4Il0sWy0yMSwiLSJd%0D%0ALFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0y%0D%0ANiwie1widGpoc1wiOjM3MzAwMDAwLFwidWpoc1wiOjI5NDAwMDAwLFwiamhzbFwiOjM3NjAwMDAw%0D%0AMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjks%0D%0AIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwi%0D%0AW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxb%0D%0ALTM1LCJbMTY5NjUzNjM1MDIzNywtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcs%0D%0AIi0xMDktNjYtNzAtIl0sWy0zOCwibCwtMSwtMSwtMTY5NjUzNjM0ODYzMSwwLDAsMCwwLDAsMTY5%0D%0ANjUzNjM0ODYzMiwwLDAsMTQwMS43LCwxNjA2LDE2MDciXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQs%0D%0AXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNl%0D%0ALG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00Mywi%0D%0AMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFst%0D%0ANDYsIjAiXSxbLTQ3LCJFdXJvcGUvQW1zdGVyZGFtLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgs%0D%0AIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDg1XV0%3D&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A300%2C%22h%22%3A0%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22x%22%3A650%2C%22y%22%3A1302%2C%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=m0AXsKjtsK&sdd=%7B%7D&pto=1624&ao=https%3A%2F%2Fstad.yalla-shoots.io&aol=1
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a5cbe69c79ac37436f714682a236e6fb1d7d3daccf61f026cd503a5c6bee16dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1674
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7E40 42 B
64 B 150ms
139ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_sMzk0X-abHIuHNC3vBMr5wkqEVkT28hyBnIsWtsV0Ns2NVAEErVBGlQI3eAgBih16OxoX-fjJCdPxQ4zz6ZXh9gNyw-mSNk-l5bnoI0Uz8C4CINWTtKxa0cIH8KMdnITC4ZmYwdqRuiq&sai=AMfl-YSnId7TtoHIdEnSRtnVjmKuFxe8uugDztdI-9XEuNXqCRa8ub38ct7I8xcAO1K4nqkkJV1hOgd2JpeNM-XJcBlDWcw7lO1dgU9TRPMPEBI_xuLMYlkcDqy8WGldks6Z33PhrHVB-_Pu22-K&sig=Cg0ArKJSzJHl8AcpiFyKEAE&cid=CAQSSwDICaaNO-48_m2YIVyGy2VBoHp7SzQijoL9MhjeFChlVRrQb60RwRvcdKgT_wd8SjwHfUanHy-9PgHrwkTGDH7JZS_NTh4AhthfeBgB&id=ampim&o=632,110&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=837&tls=1840&g=100&h=100&tt=1840&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6DF8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e5b625955de8a8f8737dc37bb133989a5980fb11946ed969bf4be304987fdb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame 046F 38 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:37:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 139ms
139ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=2316601628951147&bg=!FhWlFVrNAAbjlzx0w5c7ADQBe5WfOE3x0c9tUbrH2bKCfyUu1o5qTPLLNDCSODU9aoq-FuCMeOTZQIoddVZ00DQgqsqXAgAAAQxSAAAAB2gBBwoAkF5MPg3O0mWgL6cfO52Nzw9KHmiJQoy8qesxANzGtznWqTOIJqQ-6UnfkB3s5tBmijhrNI52pyLBlMkAMtSg2k8Sk4rRhpR6u8qhB2xywD-FYq7m1eBvAZCM7XyR-vGZl4g3GQZY-sFuGol7y1RMOLBYVYLx_SZ8_WvuWreIwi_TzVb3volBJRn7RD5gwPRlH5kCx14zgDgAGBBIyhFe9qOQ6717v7ZaMUadW9OOBzsHxvQp9J0RFbYQW2IQCOzprM7esmJcDzqqB7D4cUeRpJBXBV_F0_CDK3hV0vVfO7oslvJwvUzkiN7z6_JuN44itySyED2MkIVnEsbM9VdRHHly2AFG406TWjOT0gOa34WVMd8vMecSsG_VsRvDxLkDrsYe2j0h8c3B1MFsS5w23Hg0fkuE8_MgqVDfG9r2rIHj_FcvOEVfJ8rzQRYjVZXeuJ90854Us_5tokdv8juM45SEVmfELhjG-bpFrqfrSYC1ABmdSEBCIft5UPRxuanT1Lqy1EVx2gB8eiEfDrG5iSLNrP1TBHx_KpO5u2Kfi_9G6ldtegrO1NlUVsHww0GY3icuy2_gdTzV0QfYxAsBOogdZOha8OCoQWrGh6JDdazn77iZxlW-7iiQGSDX32WWKO-ep0NlijI9dSJ0nJo_hz9H0xf_AY9mQ4QxDVV_WOAiSFHtBMwY8iNXHCzCiTfMu3xF9DdDnvgSE94Xt6puLU0BAFpOFx7_dRMKrwWkqWjVGV9GMZCRduGu-B8LADT-JDb3iN2-gbuynKX1jRvKDouWfb-9xe0nrZ2wzA37CzPQMr8B9Gl6FqwMXq9oeUgb0fpJHbn1EQuiLuTA_QRycp4JtN7nzn_NtS3SvgZWWJ-9ZaLWrpHvuB82F66hygrTikPEzpDqcTL12GZUoz3FIrTO99SqILJHsZ6ZkKTjREeiviOkv9RII5Kw2Aio0cHUtJgt6gCVWSjfLGC3J1wp_O--QEQ-EItcnvD9JGcY3RyCeppb43uus_8vQnLSIWKrn5C0tizlMYz0A2nsyyzDFZ5pCDblBJ1yZzWGFF6XDJMknSbpDRUyHFnZKht4o_vAc1STbm-xoSyMXD8E4uphcdahQ3dV4ckiJ6kaBvHQtTcvth_0fj-dslW5SA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ Frame 6DF8 43 B
79 B 105ms
105ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001363e8c236ec448f9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714493d70467f578afe6d6e1474fbb4987bd39e821da61c45085052aae2d05f91e46042dcf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1f08f77f6aa1931c7aefdcf264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0ecf389efe3107ba37de3b2a87f5934ead064c3e240ba4c4507de5f5fd3d285ce81b2c527df21d6deedc85ec54d5814aa5f0ddb95c6187680e928fd56b4c016c726ab7b414c04cb61bf0d8a9ca829ed8669c04fa7c19ccc7780191c2dec48175532527dc9a260fb54dec18a32b4d26ef0dd29d7cfa9b03d89b7a7073530c8f95947caba051a5aa5a2a224f82890815ff3fd2fb07bbc2c965bd708d4aa3adb1924edb28f603f3e7c1e290d5c0bb7e78c6ece1fb6454e4329e4a94edf98180fe2a5debabc6cc4f1f9fd86f8aff657523dfb4786be457382436518d77f40706cf678ae6a04c3ebc160887cca248bab28cba410987b0f25271e61129cc0e1db516747c90a4f87ada5a9acd8011794b1a16fd39e6171dcce007f3cbbd78c1452e862db1bc644b42d9156998d46e4a871a28982d2d5&cb=1696536350640&cri=m0AXsKjtsK
Requested by: Host: stad.yalla-shoots.io
URL: https://stad.yalla-shoots.io/go/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DF8 0
0 220ms
98ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBdSa2K2KlAVdLuFtBUR44YKLfLbBa6umCQHxpPXxEK_L0hVVXuL6tJswn8HnXIFmKtMOQg-W-fscZrCaiANPS3m7taBEtZ8kwnAcDbqT5zBVF5cb814UyhqdSU_pcrd4HTqsm6VYB9fEhq6NwqF1sGWFycIX9BxZEN6ditdb-BjAIW8p0uOja9VPnvFBJXJ5aSk8MSE2-zghC-VKhoM0d9-KxvSIrNjtDfzhCbnAdKCiIW9wZodD-8tJWftuIlhiQCIVK7vE7LBE7UUFT1o3BY3ZOUa6PTgmXTFKC8NlKn2zA2bICclA844X1QWJsvxjAKU0Gmot6E4Qb-IBoSQ&sai=AMfl-YRjWCVsYShnRU3yiPzZxjqaqNxnTsKPruZpJRyHgs1CdmA9M0MfsM8zTINQ52Az8MK2V0SNwjjBV_Pjzmw0rrgiWQH1ffuoAAzbFJlGYKzKJni4Gr7ChKA6OC7WbXtFJLUnX-nhr50_dl21b6E&sig=Cg0ArKJSzB9hoSuyR5awEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://stad.yalla-shoots.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 20:05:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 931F 0
20 B 134ms
133ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9430481486900&version=m202309260101&ct=76&x=1&cor=13069682230842757000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 20:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A8C0 0
127 B 35ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Oct 2023 20:05:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stad.yalla-shoots.io/	1970-01-20 15:58:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.yalla-shoots.io/	1970-01-21 00:01:12	Name: _pubcid Value: a67c45b1-df5a-47fd-80f0-ec43384cb3b9
.yalla-shoots.io/	1970-01-21 00:51:36	Name: _ga_2Y3HW36EKK Value: GS1.1.1696536347.1.0.1696536347.0.0.0
.yalla-shoots.io/	1970-01-21 00:51:36	Name: _ga Value: GA1.2.877716474.1696536348
.yalla-shoots.io/	1970-01-20 15:17:02	Name: _gid Value: GA1.2.1842275057.1696536348
.yalla-shoots.io/	1970-01-20 15:15:36	Name: _gat_gtag_UA_107335079_1 Value: 1
.doubleclick.net/	1970-01-21 00:37:12	Name: IDE Value: AHWqTUncqX7InsyQHSjpxI5pJMMKQ7HEUl6qpleC_WhMnSDgTSCDbDH1jl2LBw_b
.yalla-shoots.io/	1970-01-21 00:37:12	Name: __gads Value: ID=29d31fc15c39bb0d:T=1696536348:RT=1696536348:S=ALNI_MaKeEF4twxpTe8-Sv60cnD7jOx8iA
.yalla-shoots.io/	1970-01-21 00:37:12	Name: __gpi Value: UID=00000c8f633b3a0b:T=1696536348:RT=1696536348:S=ALNI_MY2z56mJLq7xLJMF3n_339nihORUQ
.casalemedia.com/	1970-01-21 00:01:12	Name: CMID Value: ZR8XHCFYOFbuxfDvrPk-GAAA
.casalemedia.com/	1970-01-20 17:25:12	Name: CMPS Value: 2185
.casalemedia.com/	1970-01-20 17:25:12	Name: CMPRO Value: 2185
.doubleclick.net/	1970-01-20 19:34:48	Name: APC Value: AfxxVi6vT8eZ0MvIh4cQWA9k1ktF8F1E1M-c5hbUSUYMfZcDtV1l2Q
.adnxs.com/	1970-01-20 17:25:12	Name: uuid2 Value: 4785994642793681810
.adnxs.com/	1970-01-20 17:25:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJhF!qK!]tbPl1M>e)ZlrFUfJ+tGXxo]IKjf+CD_fLEYa$X:!ZreIMPpoX^V*CMteiJ3If)y3KL9D3I?-2-BjWU
.doubleclick.net/	1970-01-20 15:15:39	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://stad.yalla-shoots.io/go/(Line 298) Message: <link rel=preload> must have a valid `as` value
other	warning	URL: https://d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.fr3.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
csm.eu.criteo.net
d00f9f4163ecbb8ab7864a3f96aa348d.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
jscdn.greeter.me
log.outbrainimg.com
mcdp-nldc1.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
region1.google-analytics.com
rock.defybrick.com
s0.2mdn.net
securepubads.g.doubleclick.net
stad.yalla-shoots.io
static.criteo.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yalla-shoot.io
104.18.27.193
142.250.185.194
146.75.118.132
172.217.16.194
178.250.7.9
185.89.210.244
2.19.100.22
20.13.96.71
2001:4860:4802:32::36
205.185.216.42
23.213.165.149
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2057:8000:1a:ba5c:3900:93a1
2606:4700:3032::ac43:c9b5
2606:4700:3033::ac43:8fcc
2606:4700::6811:180e
2a00:1450:4001:801::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2006
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::4
2a02:26f0:780::210:a408
2a0c:5c87:5239::2
45.133.44.3
45.133.44.4
70.42.32.223
02c1ec09b5bbb87d55d2caa54355a52c21654f73c291b7b5545825b9ee76f805
02d98c9c4e9b2ab0f334f76dd7e9c06c61b0a488f2b6b37a24c5f75d134d94df
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0d88a0078976bfdb8d7fba9098d13b7ae41670bd8e3db8389365c4cc2e272afa
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e
1ddeb6b230fb21497c20804c5bbae332e49fb88a919e78813eca50c7f556cc32
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecadd07af582ed55ba036b234cd50ca82b5b80c685d962dc3ebe1b51116e01f
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a4708d91cdff04ad42019f79796d44559568f58f4689b3d5490cff3e9c83e9
3951ee776ddd1c565f08b4784352be94d617e14f6e56bcdfd8c57b87855d89c2
39663c3447bd752f872c3c1aa6cdfef87607aec1a1ede3d35a43a8ed997157dd
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f6ac80b45416e09bc25de9b46d5b9893c8d7104cae720a37037e60744f3272
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6fffb8c4e4c1156bda92f86cb80d6de777461ff75366d805f91d4d0140ba5e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9c49c54f308e7242fbd47d377f93b7c77067be0a48ac966da8120287627cef
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b1858d6fa88f88ba6426417813ca5d15d3d8670870fc5fecb62bcbc70fbc044
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f28898134b021cfabd2843e6ca31788802f7b18bf82c22c7088b2f41c0e7ae8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
63e5b625955de8a8f8737dc37bb133989a5980fb11946ed969bf4be304987fdb
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
657417a00a5ff05306956083ba5be0114389aa87fbc9a75aef1441c9f9eda1ac
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
695ba20729ab405962de046a39ad732c82675c58fadd8ceaba47a85378041441
697ed151aeae8243ad108b06def90595a8c88d6567e48aaa80212c8fc661b9cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6f294074864a2eb59c242f19602195ec74909535f4a6d67e23db0dc481ad9c28
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76342bdd3c3ca3eb7c7166bfeca32db893ba3367d451ba4b935f45c4427355ae
78394bc8f205c5bfa7b17b778ad66fac21557bef11beb169ea7853f3cdff0597
78720bec4318a4c64ba4820cf661f1be4744fd6aadb2dacf751affc16a86b88f
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
80f19d54f4ddc466c0a39b4ec70c7bb7b591ad8a549851bee87dc8ffc64f76a3
8685f9a8a107e1d7dedb79bcaa538e619c2f34200968743a9bd583407fe9aea0
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8b6ff2d576ea8fc006a73839ebb271195a1ea45576bd5b3cf5f5bfdb00b45d36
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c75ed7dcac54582bde4d7cc7a157c2983ad19b687440bea4aadacca0437176d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a153ed8cf2a7eaf75b6979bca9f236eebf4e4754924755fada2c8569baf0f3cc
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4361f33a3a089c65dd3e5a264fd052d85ae097e28b9d3c497c5f6da9aab2676
a5cbe69c79ac37436f714682a236e6fb1d7d3daccf61f026cd503a5c6bee16dd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae6e4053f9574e53f426671b068eb46d3d3c09c1f0fecb21effe1c51d48a3e96
b08a93085c5b8fee5e4fe5d6f4ba3522ea889c7c45189ffb3f32c30b1254da08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a516627f96028b5642712a3a82f6df00004e0bbd9ce7dbab14d89c3d3d2f11
b3636c3935521cdc3fef66c56f5e90dd7b3be758d426c040882cb0deb0c140b0
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba08e170de5661ef26ff0c9ed9337c39cd2980feafab26809424ffc37e858aa8
babb6be00eb0ca4a1cb59947d34b1c310be422e32420db9d17681f23c6caeafc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcab776c641ec8bf9187c7c9cb1fad4cadc4c0759b2777c77b568c45644f9d3
cfdc97b4cb6d41df37a2ea5884ad93ffdc942e1a923c3cfa2679c36148da631c
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d66ddf63cfc9a614849bcb959e3b616478106a8754cb9f8ecb8b618977a73209
d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea34b5630d50938879558feb2ecd3680972452de6fae7aa3ab9352ce132c280
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5deb17ab9437b32fae5343c4dd0e2398ee0cc6f7fe229160dcf02e46f501f42
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e963ec71c82212a9764cd33789d92d2a5a411b71be60b39000a8a3826a8515f8
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1477a8e80169945bbcba02642cdb13f2068511fd3e258d94bbdef5ee5cff167
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f5da8cad1c90cc27b19c1c4c7f1122f8f30b9afee90e93ff33b5f84009a004dc
f88a0f9aec3b4424867bf2af633e9a2f6888464367958b8b01673d13e9eb1ff4
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fad41dde5d9fc1a33e0fce83497cbe0601b1c7fbc152e3a877400115f66c1ccd
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fdb9595cf3bdbb77721ab7eba69c98f3fb80dba16e804310c508e3a465d2dfcd
ff6cd029a787285d3bb16e2578fe5c26563da4599129d6f2502da8d310d136b2

stad.yalla-shoots.io Open in urlscan Pro 2606:4700:3033::ac43:8fcc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

96 %HTTPS

66 %IPv6

24 Domains

39 Subdomains

38 IPs

6 Countries

1870 kBTransfer

4963 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stad.yalla-shoots.io Open in urlscan Pro
2606:4700:3033::ac43:8fcc Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

96 %
HTTPS

66 %
IPv6

24
Domains

39
Subdomains

38
IPs

6
Countries

1870 kB
Transfer

4963 kB
Size

16
Cookies

140 HTTP transactions
10 data transactions